Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Ubuntu 22.10: 5748-1 Critical Security Flaw in Sysstat DoS Vulnerability

ubuntu
Calendar Grey November 29, 2022
Dist Ubuntu Esm H88
Ensure your Ubuntu installation is updated to patch the sysstat vulnerability impacting various versions. There's a critical risk of denial-of-service (DoS) or potential code execution.
Sysstat could be made to crash or run programs if it processed specially crafted data.

Summary

Sysstat could be made to crash or run programs if it processed specially

crafted data.

Software Description:

- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat incorrectly handled certain arithmetic

multiplications. An attacker could use this issue to cause Sysstat to

crash, resulting in a denial of service, or possibly execute arbitrary

code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
   isag                            12.5.6-1ubuntu0.1
   sysstat                         12.5.6-1ubuntu0.1

Ubuntu 22.04 LTS:
   isag                            12.5.2-2ubuntu0.1
   sysstat                         12.5.2-2ubuntu0.1

Ubuntu 20.04 LTS:
   isag                            12.2.0-2ubuntu0.2
   sysstat                         12.2.0-2ubuntu0.2

Ubuntu 18.04 LTS:
   isag                            11.6.1-1ubuntu0.2
   sysstat                         11.6.1-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5748-1

CVE-2022-39377

Severity
critical
Lowest
Low
Medium
High
Critical

November 29, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.