Several security issues were fixed in GNU C Library.
Software Description:
- glibc: GNU C Library
Details:
It was discovered that the GNU C Library was not properly handling certain
memory operations. An attacker could possibly use this issue to cause a
denial of service (application crash). (CVE-2023-4806, CVE-2023-4813)
It was discovered that the GNU C library was not properly implementing a
fix for CVE-2023-4806 in certain cases, which could lead to a memory leak.
An attacker could possibly use this issue to cause a denial of service
(application crash). This issue only affected Ubuntu 23.04. (CVE-2023-5156)
The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: libc-bin 2.37-0ubuntu2.2 libc6 2.37-0ubuntu2.2 Ubuntu 22.04 LTS: libc-bin 2.35-0ubuntu3.5 libc6 2.35-0ubuntu3.5 Ubuntu 20.04 LTS: libc-bin 2.31-0ubuntu9.14 libc6 2.31-0ubuntu9.14 Ubuntu 18.04 LTS (Available with Ubuntu Pro): libc-bin 2.27-3ubuntu1.6+esm1 libc6 2.27-3ubuntu1.6+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): libc-bin 2.23-0ubuntu11.3+esm5 libc6 2.23-0ubuntu11.3+esm5 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-6541-1
CVE-2023-4806, CVE-2023-4813, CVE-2023-5156
Get the latest Linux and open source security news straight to your inbox.