Category Archives: Advisories

USN-5379-1: klibc vulnerabilities

Read Time:49 Second

It was discovered that klibc did not properly perform
some mathematical operations, leading to an integer overflow.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-31870)

It was discovered that klibc did not properly handled some
memory allocations on 64 bit systems. An attacker could
possibly use this issue to cause a crash, resulting in a
denial of service, or possibly execute arbitrary code.
(CVE-2021-31871)

It was discovered that klibc did not properly handled some file
sizes values on 32 bit systems. An attacker could possibly use
this issue to cause a crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2021-31872)

It was discovered that klibc did not properly handled some
memory allocations. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-31873)

Read More

DSA-5122 gzip – security update

Read Time:12 Second

cleemy desu wayo reported that incorrect handling of filenames by zgrep
in gzip, the GNU compression utilities, can result in overwrite of
arbitrary files or execution of arbitrary code if a file with a
specially crafted filename is processed.

Read More