==========================================================================
Ubuntu Security Notice USN-6505-1
November 22, 2023
nghttp2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
nghttp2 could be made to consume resources if it received specially crafted
network traffic.
Software Description:
- nghttp2: HTTP/2 C Library and tools
Details:
It was discovered that nghttp2 incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause nghttp2 to consume
resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
libnghttp2-14 1.55.1-1ubuntu0.1
nghttp2 1.55.1-1ubuntu0.1
nghttp2-client 1.55.1-1ubuntu0.1
nghttp2-proxy 1.55.1-1ubuntu0.1
nghttp2-server 1.55.1-1ubuntu0.1
Ubuntu 23.04:
libnghttp2-14 1.52.0-1ubuntu0.1
nghttp2 1.52.0-1ubuntu0.1
nghttp2-client 1.52.0-1ubuntu0.1
nghttp2-proxy 1.52.0-1ubuntu0.1
nghttp2-server 1.52.0-1ubuntu0.1
Ubuntu 22.04 LTS:
libnghttp2-14 1.43.0-1ubuntu0.1
nghttp2 1.43.0-1ubuntu0.1
nghttp2-client 1.43.0-1ubuntu0.1
nghttp2-proxy 1.43.0-1ubuntu0.1
nghttp2-server 1.43.0-1ubuntu0.1
Ubuntu 20.04 LTS:
libnghttp2-14 1.40.0-1ubuntu0.2
nghttp2 1.40.0-1ubuntu0.2
nghttp2-client 1.40.0-1ubuntu0.2
nghttp2-proxy 1.40.0-1ubuntu0.2
nghttp2-server 1.40.0-1ubuntu0.2
In general, a standard system update will make all the necessary changes.
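The package table above is easy to misread by hand, especially the differing revision on 20.04 LTS. The script below is an added example, not part of USN-6505-1 or Ubuntu's tooling: it reads the host's release from /etc/os-release (assumed to provide VERSION_ID, e.g. "22.04"), looks up the fixed version from the table, and compares it against what dpkg-query reports for each of the five packages. The fallback comparison via sort -V is an assumption for hosts without dpkg and is only adequate for version strings shaped like the ones in this notice.

```shell
#!/bin/sh
# Added example (not from USN-6505-1): report whether this Ubuntu host already
# carries the nghttp2 package versions that fix the issue described above.
# Assumptions: /etc/os-release sets VERSION_ID, and dpkg-query is available.

# Fixed versions per release, copied from the notice.
fixed_version_for() {
    case "$1" in
        23.10) echo "1.55.1-1ubuntu0.1" ;;
        23.04) echo "1.52.0-1ubuntu0.1" ;;
        22.04) echo "1.43.0-1ubuntu0.1" ;;
        20.04) echo "1.40.0-1ubuntu0.2" ;;
        *)     return 1 ;;
    esac
}

# version_ge A B: true when Debian version A is >= B. Uses dpkg's comparison
# when present; otherwise falls back to GNU sort -V (an assumption, adequate
# for the version strings in this notice but not a full Debian comparison).
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
    fi
}

# check_package PKG FIXED: prints PATCHED, VULNERABLE or NOT-INSTALLED and
# returns 0 unless the package is installed at a version older than FIXED.
check_package() {
    pkg=$1; fixed=$2
    installed=$(dpkg-query -W -f='${Status} ${Version}' "$pkg" 2>/dev/null) || installed=""
    case "$installed" in
        "install ok installed "*)
            installed=${installed##* }   # keep only the version field
            if version_ge "$installed" "$fixed"; then
                printf '%-16s %-20s PATCHED\n' "$pkg" "$installed"
            else
                printf '%-16s %-20s VULNERABLE (fixed in %s)\n' "$pkg" "$installed" "$fixed"
                return 1
            fi ;;
        *)
            printf '%-16s %-20s NOT-INSTALLED\n' "$pkg" "-" ;;
    esac
}

# Walk every binary package named in the notice. Exit status: 0 = nothing
# vulnerable found, 1 = at least one package still at an old version,
# 2 = this release is not covered by the notice.
main() {
    release=$(. /etc/os-release 2>/dev/null && printf '%s' "$VERSION_ID")
    fixed=$(fixed_version_for "$release") || {
        echo "release '$release' is not covered by USN-6505-1"
        return 2
    }
    rc=0
    for pkg in libnghttp2-14 nghttp2 nghttp2-client nghttp2-proxy nghttp2-server; do
        check_package "$pkg" "$fixed" || rc=1
    done
    return $rc
}

# Run the host check only when executed under this file name, so the
# functions can also be sourced and reused without side effects.
case "${0##*/}" in
    check-usn-6505-1.sh) main "$@" ;;
esac
```

Save it as check-usn-6505-1.sh and run it with sh after the update; a non-zero exit is the signal to act on. The check deliberately treats packages that are absent as fine, since only installed copies of the library can be reached by crafted traffic.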
References:
https://ubuntu.com/security/notices/USN-6505-1
CVE-2023-44487
Package Information:
https://launchpad.net/ubuntu/+source/nghttp2/1.55.1-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nghttp2/1.52.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nghttp2/1.43.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/nghttp2/1.40.0-1ubuntu0.2