Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 22.10 and 22.04 LTS USN-5885-1 Moderate: APR Integer Overflow

ubuntu
Calendar Grey February 27, 2023
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5886-1 addresses a security flaw in the OpenSSL library that exposes users to data breaches and unauthorized information access.
APR could possibly be made to crash or run programs if it received specially crafted network traffic.

Summary

APR could possibly be made to crash or run programs if it received

specially crafted network traffic.

Software Description:

- apr: Apache Portable Runtime Library

Details:

Ronald Crane discovered integer overflow vulnerabilities in the Apache

Portable Runtime (APR) that could potentially result in memory corruption.

A remote attacker could possibly use these issues to cause a denial of

service or execute arbitary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
libapr1 1.7.0-8ubuntu0.22.10.1

Ubuntu 22.04 LTS:
libapr1 1.7.0-8ubuntu0.22.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5885-1

CVE-2022-24963

February 27, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here