[USN-6736-1] klibc vulnerabilities

Severity Critical
Affected Packages 18
CVEs 4

Several security issues were fixed in klibc.

It was discovered that zlib, vendored in klibc, incorrectly handled pointer
arithmetic. An attacker could use this issue to cause klibc to crash or to
possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)

Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled
memory when performing certain deflating operations. An attacker could use
this issue to cause klibc to crash or to possibly execute arbitrary code.
(CVE-2018-25032)

Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled
memory when performing certain inflate operations. An attacker could use
this issue to cause klibc to crash or to possibly execute arbitrary code.
(CVE-2022-37434)

ID: USN-6736-1
Severity: critical
Severity from: CVE-2016-9841
URL: https://ubuntu.com/security/notices/USN-6736-1
Published: 2024-04-16T11:43:39
Modified: 2024-04-16T11:43:39
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/libklibc?distro=xenial | ubuntu | libklibc | < 2.0.4-8ubuntu1.16.04.4+esm2 | xenial | | |
| Affected | pkg:deb/ubuntu/libklibc?distro=trusty | ubuntu | libklibc | < 2.0.3-0ubuntu1.14.04.3+esm3 | trusty | | |
| Affected | pkg:deb/ubuntu/libklibc?distro=mantic | ubuntu | libklibc | < 2.0.13-1ubuntu0.1 | mantic | | |
| Affected | pkg:deb/ubuntu/libklibc?distro=jammy | ubuntu | libklibc | < 2.0.10-4ubuntu0.1 | jammy | | |
| Affected | pkg:deb/ubuntu/libklibc?distro=focal | ubuntu | libklibc | < 2.0.7-1ubuntu5.2 | focal | | |
| Affected | pkg:deb/ubuntu/libklibc?distro=bionic | ubuntu | libklibc | < 2.0.4-9ubuntu2.2+esm1 | bionic | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=xenial | ubuntu | libklibc-dev | < 2.0.4-8ubuntu1.16.04.4+esm2 | xenial | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=trusty | ubuntu | libklibc-dev | < 2.0.3-0ubuntu1.14.04.3+esm3 | trusty | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=mantic | ubuntu | libklibc-dev | < 2.0.13-1ubuntu0.1 | mantic | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=jammy | ubuntu | libklibc-dev | < 2.0.10-4ubuntu0.1 | jammy | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=focal | ubuntu | libklibc-dev | < 2.0.7-1ubuntu5.2 | focal | | |
| Affected | pkg:deb/ubuntu/libklibc-dev?distro=bionic | ubuntu | libklibc-dev | < 2.0.4-9ubuntu2.2+esm1 | bionic | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=xenial | ubuntu | klibc-utils | < 2.0.4-8ubuntu1.16.04.4+esm2 | xenial | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=trusty | ubuntu | klibc-utils | < 2.0.3-0ubuntu1.14.04.3+esm3 | trusty | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=mantic | ubuntu | klibc-utils | < 2.0.13-1ubuntu0.1 | mantic | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=jammy | ubuntu | klibc-utils | < 2.0.10-4ubuntu0.1 | jammy | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=focal | ubuntu | klibc-utils | < 2.0.7-1ubuntu5.2 | focal | | |
| Affected | pkg:deb/ubuntu/klibc-utils?distro=bionic | ubuntu | klibc-utils | < 2.0.4-9ubuntu2.2+esm1 | bionic | | |