Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 20.04-18.04 USN-6048-1 Severe: ZenLib Crash Risk

Calendar May 01, 2023 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory DoS Ubuntu update instructions severe ZenLib
ZenLib could be made to crash if it received specially crafted input. 
=========================================================================Ubuntu Security Notice USN-6048-1
April 28, 2023

ZenLib vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

ZenLib could be made to crash if it received specially crafted
input.

Software Description:
- libzen: ZenLib C++ utility library -- development files

Details:

It was discovered that ZenLib doesn't check the return value of a specific
operation before using it. An attacker could use a specially crafted input
to crash programs using the library.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
    libzen-dev                      0.4.37-1ubuntu0.20.04.1
    libzen0v5                       0.4.37-1ubuntu0.20.04.1

Ubuntu 18.04 LTS:
    libzen-dev                      0.4.37-1ubuntu0.18.04.1
    libzen0v5                       0.4.37-1ubuntu0.18.04.1

Ubuntu 16.04 ESM:
    libzen-dev                      0.4.32-1ubuntu0.16.04.1+esm1
    libzen0v5                       0.4.32-1ubuntu0.16.04.1+esm1

Ubuntu 14.04 ESM:
    libzen-dev                      0.4.29-1ubuntu0.1~esm1
    libzen0                         0.4.29-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
 

    CVE-2020-36646

Package Information:
https://launchpad.net/ubuntu/+source/libzen/0.4.37-1ubuntu0.20.04.1 

https://launchpad.net/ubuntu/+source/libzen/0.4.37-1ubuntu0.18.04.1

Ubuntu 20.04-18.04 USN-6048-1 Severe: ZenLib Crash Risk

ubuntu
Calendar Grey May 1, 2023
Dist Ubuntu Esm H88
ZenLib may experience failures with certain data inputs on Ubuntu distributions. To mitigate this vulnerability, please ensure your system is updated.
ZenLib could be made to crash if it received specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory DoS Ubuntu update instructions severe ZenLib

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS:   libzen-dev                      0.4.37-1ubuntu0.20.04.1   libzen0v5                       0.4.37-1ubuntu0.20.04.1 Ubuntu 18.04 LTS:   libzen-dev                      0.4.37-1ubuntu0.18.04.1   libzen0v5                       0.4.37-1ubuntu0.18.04.1 Ubuntu 16.04 ESM:   libzen-dev                      0.4.32-1ubuntu0.16.04.1+esm1   libzen0v5                       0.4.32-1ubuntu0.16.04.1+esm1 Ubuntu 14.04 ESM:   libzen-dev                      0.4.29-1ubuntu0.1~esm1   libzen0                         0.4.29-1ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes.

References

  CVE-2020-36646

Severity
critical
Lowest
Low
Medium
High
Critical

April 28, 2023

Topics%20covered

Topics Covered

security advisory DoS Ubuntu update instructions severe ZenLib

Package Information

https://launchpad.net/ubuntu/+source/libzen/0.4.37-1ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/libzen/0.4.37-1ubuntu0.18.04.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here