USN-6715-1: unixODBC vulnerability
27 March 2024
unixODBC could be made to crash or execute arbitrary code.
Releases
Packages
- unixodbc - Basic ODBC tools
Details
It was discovered that unixODBC incorrectly handled certain bytes.
An attacker could use this issue to execute arbitrary code or cause
a crash.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
-
libodbc1
-
2.3.4-1.1ubuntu3+esm1
Available with Ubuntu Pro
-
unixodbc
-
2.3.4-1.1ubuntu3+esm1
Available with Ubuntu Pro
Ubuntu 16.04
-
libodbc1
-
2.3.1-4.1ubuntu0.1~esm2
Available with Ubuntu Pro
-
unixodbc
-
2.3.1-4.1ubuntu0.1~esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6715-2: odbcinst, unixodbc-dev, unixodbc, libodbc2, libodbccr2, libodbcinst2, unixodbc-common