========================================================================== Ubuntu Security Notice USN-7422-1 April 07, 2025
fis-gtm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in FIS-GT.M. Software Description: - fis-gtm: database engine for large real-time transaction processing systems Details: It was discovered that FIS-GT.M could incorrectly dereference memory in certain instances. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44492, CVE-2021-44498, CVE-2021-44508) It was discovered that FIS-GT.M could perform a division by zero due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44500) It was discovered that FIS-GT.M could be forced to allocate memory of a chosen size through crafted input. An attacker could possibly use this issue to exhaust the available memory of FIS-GT.M, leading to a crash that would result in a denial of service. (CVE-2021-44502) It was discovered that FIS-GT.M could be forced to read from uninitialized memory due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2021-44506) It was discovered that FIS-GT.M could crash due to an integer underflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44509, CVE-2021-44510) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS fis-gtm 6.3-014-3ubuntu0.1~esm1 Available with Ubuntu Pro fis-gtm-6.3-014 6.3-014-3ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS fis-gtm 6.3-007-1ubuntu0.1~esm1 Available with Ubuntu Pro fis-gtm-6.3-007 6.3-007-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS fis-gtm 6.3-003A-2ubuntu0.1~esm1 Available with Ubuntu Pro fis-gtm-6.3-003a 6.3-003A-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS fis-gtm 6.2-002A-2ubuntu0.1~esm1 Available with Ubuntu Pro fis-gtm-6.2-002 6.2-002A-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7422-1 CVE-2021-44492, CVE-2021-44498, CVE-2021-44500, CVE-2021-44502, CVE-2021-44506, CVE-2021-44508, CVE-2021-44509, CVE-2021-44510
OpenPGP_signature.asc
Description: OpenPGP digital signature
