Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
91
security advisorygentooremote code executionGentoo GLSA-202402-16 Normal: Multiple Issues in Apache Log4j Remote Exec
Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Apache Log4j: Multiple Vulnerabilities Date: February 18, 2024 Bugs: #719146 ID: 202402-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Background ========== Log4j is a Java logging framework that supports various use cases with a rich set of components, a separate API, and a performance-optimized implementation. Affected packages ================= Package Vulnerable Unaffected -------------- ------------ ------------ dev-java/log4j
Feb 18, 2024
Gentoo
172
security advisorydenial of servicecode executionUbuntu 16.04 ESM: 5192-2 Critical: Apache Log4j 2 Remote Code Execution
Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input.. =========================================================================Ubuntu Security Notice USN-5192-2 December 17, 2021 apache-log4j2 vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input. Software Description: - apache-log4j2: Apache Log4j - Logging Framework for Java Details: USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: liblog4j2-java 2.4-2ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5192-2 https://ubuntu.com/security/notices/USN-5192-1 CVE-2021-44228 . The recent flaw in Apache Log4j 2 enables unauthorized remote execution and system instability. It's crucial to apply the necessary security updates to your Ubuntu system.. apache log4j, linux security, ubuntu advisory. . Severity: Critical. LinuxSecurity.com Team
Dec 17, 2021
•Critical
Ubuntu
172
security advisorydenial of serviceadvisoryUbuntu 21.10 / 21.04 / 20.04 LTS: 5197-1 Moderate: Apache Log4j 2 DoS
Apache Log4j 2 could be made to crash if it received specially crafted input.. =========================================================================Ubuntu Security Notice USN-5197-1 December 15, 2021 apache-log4j2 vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 21.04 - Ubuntu 20.04 LTS Summary: Apache Log4j 2 could be made to crash if it received specially crafted input. Software Description: - apache-log4j2: Apache Log4j - Logging Framework for Java Details: It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: liblog4j2-java 2.16.0-0.21.10.1 Ubuntu 21.04: liblog4j2-java 2.16.0-0.21.04.1 Ubuntu 20.04 LTS: liblog4j2-java 2.16.0-0.20.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5197-1 CVE-2021-44228, CVE-2021-45046 Package Information: https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.10.1 https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.04.1 https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.20.04.1 . Ensure your Ubuntu installations are up-to-date to mitigate the Apache Log4j 2 vulnerability and reduce the chances of system failures.. apache Log4j, denial of service, ubuntu security alert. . LinuxSecurity.com Team
Dec 15, 2021
Ubuntu
172
security advisorydenial of serviceremote code executionUbuntu 21.10: 5192-1 Moderate: Apache Log4j 2 Remote Code Exec
Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input.. =========================================================================Ubuntu Security Notice USN-5192-1 December 14, 2021 apache-log4j2 vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input. Software Description: - apache-log4j2: Apache Log4j - Logging Framework for Java Details: Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: liblog4j2-java 2.15.0-0.21.10.1 Ubuntu 21.04: liblog4j2-java 2.15.0-0.21.04.1 Ubuntu 20.04 LTS: liblog4j2-java 2.15.0-0.20.04.1 Ubuntu 18.04 LTS: liblog4j2-java 2.10.0-2ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5192-1 CVE-2021-44228 Package Information: https://launchpad.net/ubuntu/+source/apache-log4j2/2.15.0-0.21.10.1 https://launchpad.net/ubuntu/+source/apache-log4j2/2.15.0-0.21.04.1 https://launchpad.net/ubuntu/+source/apache-log4j2/2.15.0-0.20.04.1 https://launchpad.net/ubuntu/+source/apache-log4j2/2.10.0-2ubuntu0.1 . Secure your Ubuntu systems against the Log4j vulnerability with these steps: update systems, identify installations, and upgrade to the latest version for safety. Apache Log4j, Remote Code Execution, Ubuntu Security Advisory. . Severity: Important. LinuxSecurity.com Team
Dec 14, 2021
•Important
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!