Summary
Ubuntu Update for Linux kernel vulnerabilities USN-986-3
Solution
Please Install the Updated Packages.
Insight
USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2.
Original advisory details:
An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
Affected
dpkg vulnerability on Ubuntu 6.06 LTS ,
Ubuntu 8.04 LTS ,
Ubuntu 9.04 ,
Ubuntu 9.10 ,
Ubuntu 10.04 LTS
Severity
Classification
-
CVE CVE-2010-0405 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities