USN-5699-1: GNU C Library vulnerabilities

Read Time:25 Second

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library
iconv feature incorrectly handled certain input sequences. An attacker
could possibly use this issue to cause the GNU C Library to hang or crash,
resulting in a denial of service. (CVE-2021-3326)

It was discovered that the GNU C Library nscd daemon incorrectly handled
certain netgroup lookups. An attacker could possibly use this issue to
cause the GNU C Library to crash, resulting in a denial of service.
(CVE-2021-35942)

Read More

USN-5698-2: Open vSwitch vulnerability

Read Time:18 Second

USN-5698-1 fixed a vulnerability in Open. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that Open vSwitch incorrectly handled comparison of
certain minimasks. A remote attacker could use this issue to cause Open
vSwitch to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Read More