========================================================================== Ubuntu Security Notice USN-3536-1 January 17, 2018
eglibc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: The GNU C library could be made to run programs as an administrator. Software Description: - eglibc: GNU C Library Details: It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. (CVE-2018-1000001) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: libc6 2.15-0ubuntu10.21 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3536-1 CVE-2018-1000001
signature.asc
Description: OpenPGP digital signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
