ORC could be made to crash or execute arbitrary code
Software Description:
- orc: Library of Optimized Inner Loops Runtime Compiler
Details:
USN-6964-1 fixed a vulnerability in ORC. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Noriko Totsuka discovered that ORC incorrectly handled certain
specially crafted files. An attacker could possibly use this issue
to execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS liborc-0.4-0 1:0.4.28-1ubuntu0.1~esm1 Available with Ubuntu Pro liborc-0.4-dev 1:0.4.28-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS liborc-0.4-0 1:0.4.25-1ubuntu0.1~esm1 Available with Ubuntu Pro liborc-0.4-dev 1:0.4.25-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6964-2
https://ubuntu.com/security/notices/USN-6964-1
CVE-2024-40897
Get the latest Linux and open source security news straight to your inbox.