Ubuntu 16.04 ESM USN-5735-1 Critical Sysstat Code Execution Risk

ubuntu

November 22, 2022

Sysstat could be made to crash or run programs as your login if it processed specially crafted input.

Summary

Sysstat could be made to crash or run programs as your login if it

processed specially crafted input.

Software Description:

- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat did not properly check bounds

when perfoming certain arithmetic operations on 32 bit systems.

An attacker could possibly use this issue to cause a crash or

arbitrary code execution.

Topics Covered

security advisory Ubuntu input validation code execution risk sysstat

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   sysstat                         11.2.0-1ubuntu0.3+esm1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5735-1

CVE-2022-39377

Severity

critical

Lowest

Low

Medium

High

Critical

November 22, 2022

Topics Covered

security advisory Ubuntu input validation code execution risk sysstat

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Ubuntu 16.04 ESM USN-5735-1 Critical Sysstat Code Execution Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Ubuntu 16.04 ESM USN-5735-1 Critical Sysstat Code Execution Risk

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!