• GNU C Library vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, December 10, 2019 12:10:06
    eglibc vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    GNU C Library could be made to execute arbitrary code or cause a
    crash if it received a specially crafted input.

    Software Description

    * eglibc - GNU C Library

    Details

    Jakub Wilk discovered that GNU C Library incorrectly handled
    certain memory alignments. An attacker could possibly use this
    issue to execute arbitrary code or cause a crash.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    libc6 - 2.19-0ubuntu6.15+esm1

    Ubuntu 12.04 ESM
    libc6 - 2.15-0ubuntu10.22

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2018-6485

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)