USN-5379-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5379-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5379-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5379-1
Related
Published
2022-04-18T11:37:31.558802Z
Modified
2022-04-18T11:37:31.558802Z
Summary
klibc vulnerabilities
Details

It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31870)

It was discovered that klibc did not properly handled some memory allocations on 64 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31871)

It was discovered that klibc did not properly handled some file sizes values on 32 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31872)

It was discovered that klibc did not properly handled some memory allocations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31873)

References

Affected packages

Ubuntu:20.04:LTS / klibc

Package

Name
klibc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.7-1ubuntu5.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "klibc-utils": "2.0.7-1ubuntu5.1",
            "libklibc": "2.0.7-1ubuntu5.1",
            "libklibc-dev": "2.0.7-1ubuntu5.1"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / klibc

Package

Name
klibc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.3-0ubuntu1.14.04.3+esm2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "klibc-utils": "2.0.3-0ubuntu1.14.04.3+esm2",
            "libklibc": "2.0.3-0ubuntu1.14.04.3+esm2",
            "libklibc-dev": "2.0.3-0ubuntu1.14.04.3+esm2"
        }
    ]
}

Ubuntu:18.04:LTS / klibc

Package

Name
klibc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.4-9ubuntu2.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "klibc-utils": "2.0.4-9ubuntu2.1",
            "libklibc": "2.0.4-9ubuntu2.1",
            "libklibc-dev": "2.0.4-9ubuntu2.1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / klibc

Package

Name
klibc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.4-8ubuntu1.16.04.4+esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "klibc-utils": "2.0.4-8ubuntu1.16.04.4+esm1",
            "libklibc": "2.0.4-8ubuntu1.16.04.4+esm1",
            "libklibc-dev": "2.0.4-8ubuntu1.16.04.4+esm1"
        }
    ]
}