Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 615
Alerts This Week
Warning Icon 1 615

Ubuntu 22.10 & 22.04 LTS USN-5848-1 Moderate: Less Denial Of Service

ubuntu
Calendar Grey February 9, 2023
Dist Ubuntu Esm H88
Ubuntu Security Announcement USN-5849-1 tackles a reduced vulnerability to service disruption. Mandatory update urged for Ubuntu 22.04 LTS and 22.10.
Use of less could result in a denial of service

Summary

Use of less could result in a denial of service

Software Description:

- less: pager program similar to more

Details:

David Leadbeater discovered that less was not properly handling escape

sequences when displaying raw control characters. A maliciously formed

OSC 8 hyperlink could possibly be used by an attacker to cause a denial of

service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
less 590-1ubuntu0.22.10.1

Ubuntu 22.04 LTS:
less 590-1ubuntu0.22.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5848-1

CVE-2022-46663

February 09, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.