==========================================================================
Ubuntu Security Notice USN-7697-1
August 14, 2025
aide vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in AIDE.
Software Description:
- aide: Advanced Intrusion Detection Environment
Details:
Rajesh Pangare discovered that AIDE incorrectly handled filenames. A
local attacker could possibly use this issue to bypass the detection of
malicious files. (CVE-2025-54389)
Rajesh Pangare discovered that AIDE incorrectly handled extended file
attributes. A local attacker could possibly use this issue to cause a
denial of service. (CVE-2025-54409)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
aide 0.18.8-2ubuntu0.1
Ubuntu 24.04 LTS
aide 0.18.6-2ubuntu0.1
Ubuntu 22.04 LTS
aide 0.17.4-1ubuntu0.2
Ubuntu 20.04 LTS
aide 0.16.1-1ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
aide 0.16-3ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
aide 0.16~a2.git20130520-3ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 14.04 LTS
aide 0.16~a2.git20130520-2ubuntu0.1+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7697-1
CVE-2025-54389, CVE-2025-54409
Package Information:
https://launchpad.net/ubuntu/+source/aide/0.18.8-2ubuntu0.1
https://launchpad.net/ubuntu/+source/aide/0.18.6-2ubuntu0.1
https://launchpad.net/ubuntu/+source/aide/0.17.4-1ubuntu0.2
No comments:
Post a Comment