-----BEGIN PGP SIGNATURE-----
wsF5BAABCAAjFiEEyMDHOTG0YH5UsajI8pSCVQZYHygFAmf0GzMFAwAAAAAACgkQ8pSCVQZYHyju
6w//WNuP3pIbvNqlSWfL2H4NAakm+CrVXp5e45uNPRcI0HaGs2yFah0P1wbkh5TXtFFwq3F9jAFT
WsQwT9U43xgLpqC/A3LRWSc41KlUU1Jgm7EuXbRX1jv1wSJxl2+KgVP/w9s1Py8a9Co9FPFEbZRu
DrCvDxeSc/j9tb9xI0t36Ll5f7HKNM4uggYo3Tqi9r3iC73Ysu3uqvrTdT8IOC9UojPQQAlqTWc5
6S6uv5tsnOmwdEkzvUKJN17+eLU+Wcvzi23UstOtGTdSaVIiFrNO2hbZzUxTOWER+6PkMPOmCmI0
cNd/gMNgzhBfBDmCHeoap22/xdKuYUtZtlLMwOkOTPppczbVFV+UajqvLO975WdbrikAdPzRjZi0
0pmp4sSugHcHhxEV/lz2Pg3O2iZiEqjOrCTbJp7His84oWyRV0uz2CNNz9mpqqK5z4CsssWRKK99
8MV0zBMRay3Pqq3MblDhHikfSouvXqdPQfDWKLSsGq2qjJ4qZz4rojF5JwrZopflJGdTZ+7/5eMN
hvlHE/j73JP/qyyEiUvSfbs94ikSpZCi9d+8iJEGq1Nfii7OwBR3vShFWf1nJTaO17wlpOggyKPm
2hDA4U/enBHdPOzUWKNwcmzc/AzpQExbMsNnbdyUD6i7v0giCCrGnBoc0YP7uR5ui3xQTp70uGPp
OpU=
=T6X+
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7422-1
April 07, 2025
fis-gtm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in FIS-GT.M.
Software Description:
- fis-gtm: database engine for large real-time transaction processing systems
Details:
It was discovered that FIS-GT.M could incorrectly dereference memory in
certain instances. An attacker could possibly use this issue to cause
FIS-GT.M to crash, resulting in a denial of service.
(CVE-2021-44492, CVE-2021-44498, CVE-2021-44508)
It was discovered that FIS-GT.M could perform a division by zero due to
a lack of input validation. An attacker could possibly use this issue to
cause FIS-GT.M to crash, resulting in a denial of service.
(CVE-2021-44500)
It was discovered that FIS-GT.M could be forced to allocate memory of a
chosen size through crafted input. An attacker could possibly use this
issue to exhaust the available memory of FIS-GT.M, leading to a crash
that would result in a denial of service. (CVE-2021-44502)
It was discovered that FIS-GT.M could be forced to read from uninitialized
memory due to a lack of input validation. An attacker could possibly use
this issue to cause FIS-GT.M to crash, resulting in a denial of service,
or execute arbitrary code. (CVE-2021-44506)
It was discovered that FIS-GT.M could crash due to an integer underflow.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-44509, CVE-2021-44510)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
fis-gtm 6.3-014-3ubuntu0.1~esm1
Available with Ubuntu Pro
fis-gtm-6.3-014 6.3-014-3ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
fis-gtm 6.3-007-1ubuntu0.1~esm1
Available with Ubuntu Pro
fis-gtm-6.3-007 6.3-007-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
fis-gtm 6.3-003A-2ubuntu0.1~esm1
Available with Ubuntu Pro
fis-gtm-6.3-003a 6.3-003A-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
fis-gtm 6.2-002A-2ubuntu0.1~esm1
Available with Ubuntu Pro
fis-gtm-6.2-002 6.2-002A-2ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7422-1
CVE-2021-44492, CVE-2021-44498, CVE-2021-44500, CVE-2021-44502,
CVE-2021-44506, CVE-2021-44508, CVE-2021-44509, CVE-2021-44510
No comments:
Post a Comment