USN-5478-1: util-linux vulnerability
14 June 2022
A util-linux program could be made to crash if it opened a specially crafted file system.
Releases
Packages
- util-linux - miscellaneous system utilities
Details
Christian Moch and Michael Gruhn discovered that the libblkid library
of util-linux did not properly manage memory under certain
circumstances. A local attacker could possibly use this issue
to cause denial of service by consuming all memory through
a specially crafted MSDOS partition table.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
util-linux
-
2.27.1-6ubuntu3.10+esm2
Available with Ubuntu Pro
-
libblkid1
-
2.27.1-6ubuntu3.10+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.