Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 6745-1 Critical: Percona XtraBackup Code Execution Risk

ubuntu
Calendar Grey April 22, 2024
Dist Ubuntu Esm H88
Recent vulnerabilities in Percona XtraBackup for Ubuntu pose a serious security risk, allowing unauthorized program execution via crafted files. Immediate updates are advised
percona-xtrabackup could be made to run programs as your login if it opened a specially crafted file.

Summary

percona-xtrabackup could be made to run programs as your login if it

opened a specially crafted file.

Software Description:

- percona-xtrabackup: Open source backup tool for InnoDB and XtraDB

Details:

It was discovered that in Percona XtraBackup, a local crafted filename

could trigger arbitrary code execution.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  percona-xtrabackup              2.4.9-0ubuntu2+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  percona-xtrabackup              2.3.7-0ubuntu0.16.04.2+esm1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6745-1

CVE-2022-25834

Severity
critical
Lowest
Low
Medium
High
Critical

==========================================================================

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here