USN-5990-1
- Source
- https://ubuntu.com/security/notices/USN-5990-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5990-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-5990-1
- Related
- Published
- 2023-03-31T00:44:58.153028Z
- Modified
- 2023-03-31T00:44:58.153028Z
- Summary
- musl vulnerabilities
- Details
-
It was discovered that musl did not handle certain i386 math functions properly. An attacker could use this vulnerability to cause a denial of service (crash) or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2019-14697)
It was discovered that musl did not handle wide-character conversion properly. A remote attacker could use this vulnerability to cause resource consumption (infinite loop), denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-28928)
- References
Affected packages
Ubuntu:Pro:14.04:LTS / musl
Package
- Name
- musl
- Purl
- pkg:deb/ubuntu/musl?arch=src?distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.9.15-1ubuntu0.1~esm2
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "0.9.15-1ubuntu0.1~esm2",
"binary_name": "musl"
},
{
"binary_version": "0.9.15-1ubuntu0.1~esm2",
"binary_name": "musl-dev"
},
{
"binary_version": "0.9.15-1ubuntu0.1~esm2",
"binary_name": "musl-tools"
}
]
}
Ubuntu:Pro:16.04:LTS / musl
Package
- Name
- musl
- Purl
- pkg:deb/ubuntu/musl?arch=src?distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.9-1ubuntu0.1~esm3
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.9-1ubuntu0.1~esm3",
"binary_name": "musl"
},
{
"binary_version": "1.1.9-1ubuntu0.1~esm3",
"binary_name": "musl-dev"
},
{
"binary_version": "1.1.9-1ubuntu0.1~esm3",
"binary_name": "musl-tools"
}
]
}
Ubuntu:Pro:18.04:LTS / musl
Package
- Name
- musl
- Purl
- pkg:deb/ubuntu/musl?arch=src?distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.19-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.19-1ubuntu0.1~esm1",
"binary_name": "musl"
},
{
"binary_version": "1.1.19-1ubuntu0.1~esm1",
"binary_name": "musl-dbgsym"
},
{
"binary_version": "1.1.19-1ubuntu0.1~esm1",
"binary_name": "musl-dev"
},
{
"binary_version": "1.1.19-1ubuntu0.1~esm1",
"binary_name": "musl-tools"
}
]
}
Ubuntu:Pro:20.04:LTS / musl
Package
- Name
- musl
- Purl
- pkg:deb/ubuntu/musl?arch=src?distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.24-1ubuntu0.1~esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "1.1.24-1ubuntu0.1~esm1",
"binary_name": "musl"
},
{
"binary_version": "1.1.24-1ubuntu0.1~esm1",
"binary_name": "musl-dbgsym"
},
{
"binary_version": "1.1.24-1ubuntu0.1~esm1",
"binary_name": "musl-dev"
},
{
"binary_version": "1.1.24-1ubuntu0.1~esm1",
"binary_name": "musl-tools"
}
]
}