Vulnerabilities > CVE-2016-3189
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.
Vulnerable Configurations
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1020.NASL description According to the version of the bzip2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash.(CVE-2016-3189) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-02-14 plugin id 122167 published 2019-02-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122167 title EulerOS 2.0 SP5 : bzip2 (EulerOS-SA-2019-1020) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(122167); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04"); script_cve_id( "CVE-2016-3189" ); script_name(english:"EulerOS 2.0 SP5 : bzip2 (EulerOS-SA-2019-1020)"); script_summary(english:"Checks the rpm output for the updated package."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing a security update."); script_set_attribute(attribute:"description", value: "According to the version of the bzip2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash.(CVE-2016-3189) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1020 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f36f3d60"); script_set_attribute(attribute:"solution", value: "Update the affected bzip2 package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/01/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/14"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["bzip2-1.0.6-14.h1.eulerosv2r7", "bzip2-devel-1.0.6-14.h1.eulerosv2r7", "bzip2-libs-1.0.6-14.h1.eulerosv2r7"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bzip2"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2016-E7B46C92AE.NASL description CVE-2016-3189 bzip2: heap use after free in bzip2recover Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-01-03 plugin id 96219 published 2017-01-03 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96219 title Fedora 25 : bzip2 (2016-e7b46c92ae) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2016-e7b46c92ae. # include("compat.inc"); if (description) { script_id(96219); script_version("3.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2016-3189"); script_xref(name:"FEDORA", value:"2016-e7b46c92ae"); script_name(english:"Fedora 25 : bzip2 (2016-e7b46c92ae)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "CVE-2016-3189 bzip2: heap use after free in bzip2recover Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e7b46c92ae" ); script_set_attribute(attribute:"solution", value:"Update the affected bzip2 package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:bzip2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2017/01/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC25", reference:"bzip2-1.0.6-21.fc25")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bzip2"); }
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_3C7EDC7AF68011E9A87FA4BADB2F4699.NASL description The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip2(1) file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip2(1) file. Impact : An attacker who can cause maliciously crafted input to be processed may trigger either of these bugs. The bzip2recover bug may cause a crash, permitting a denial-of-service. The bzip2 decompressor bug could potentially be exploited to execute arbitrary code. Note that some utilities, including the tar(1) archiver and the bspatch(1) binary patching utility (used in portsnap(8) and freebsd-update(8)) decompress bzip2(1)-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2(1)-compressed data even if they never explicitly invoke the bunzip2(1) utility. last seen 2020-06-01 modified 2020-06-02 plugin id 130240 published 2019-10-25 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/130240 title FreeBSD : FreeBSD -- Multiple vulnerabilities in bzip2 (3c7edc7a-f680-11e9-a87f-a4badb2f4699) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2019 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(130240); script_version("1.3"); script_cvs_date("Date: 2019/12/18"); script_cve_id("CVE-2016-3189", "CVE-2019-1290"); script_xref(name:"FreeBSD", value:"SA-19:18.bzip2"); script_name(english:"FreeBSD : FreeBSD -- Multiple vulnerabilities in bzip2 (3c7edc7a-f680-11e9-a87f-a4badb2f4699)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip2(1) file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip2(1) file. Impact : An attacker who can cause maliciously crafted input to be processed may trigger either of these bugs. The bzip2recover bug may cause a crash, permitting a denial-of-service. The bzip2 decompressor bug could potentially be exploited to execute arbitrary code. Note that some utilities, including the tar(1) archiver and the bspatch(1) binary patching utility (used in portsnap(8) and freebsd-update(8)) decompress bzip2(1)-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2(1)-compressed data even if they never explicitly invoke the bunzip2(1) utility." ); # https://vuxml.freebsd.org/freebsd/3c7edc7a-f680-11e9-a87f-a4badb2f4699.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?34325a56" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:FreeBSD"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/06"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info", "Settings/ParanoidReport"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); if (report_paranoia < 2) audit(AUDIT_PARANOID); flag = 0; if (pkg_test(save_report:TRUE, pkg:"FreeBSD>=12.0<12.0_9")) flag++; if (pkg_test(save_report:TRUE, pkg:"FreeBSD>=11.3<11.3_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"FreeBSD>=11.2<11.2_13")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Fedora Local Security Checks NASL id FEDORA_2016-FD44637912.NASL description CVE-2016-3189 bzip2: heap use after free in bzip2recover Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2017-01-05 plugin id 96291 published 2017-01-05 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/96291 title Fedora 24 : bzip2 (2016-fd44637912) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2016-fd44637912. # include("compat.inc"); if (description) { script_id(96291); script_version("3.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2016-3189"); script_xref(name:"FEDORA", value:"2016-fd44637912"); script_name(english:"Fedora 24 : bzip2 (2016-fd44637912)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "CVE-2016-3189 bzip2: heap use after free in bzip2recover Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-fd44637912" ); script_set_attribute(attribute:"solution", value:"Update the affected bzip2 package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:bzip2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2017/01/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2017/01/05"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC24", reference:"bzip2-1.0.6-21.fc24")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bzip2"); }
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1171.NASL description According to the version of the bzip2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash.i1/4^CVE-2016-3189i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2019-04-09 plugin id 123857 published 2019-04-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123857 title EulerOS Virtualization 2.5.3 : bzip2 (EulerOS-SA-2019-1171) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(123857); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/19"); script_cve_id( "CVE-2016-3189" ); script_name(english:"EulerOS Virtualization 2.5.3 : bzip2 (EulerOS-SA-2019-1171)"); script_summary(english:"Checks the rpm output for the updated package."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS Virtualization host is missing a security update."); script_set_attribute(attribute:"description", value: "According to the version of the bzip2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash.i1/4^CVE-2016-3189i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1171 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ddd35047"); script_set_attribute(attribute:"solution", value: "Update the affected bzip2 package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/04/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/09"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bzip2-libs"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.3"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (uvp != "2.5.3") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.3"); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["bzip2-1.0.6-14", "bzip2-devel-1.0.6-14", "bzip2-libs-1.0.6-14"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bzip2"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1398.NASL description This update for bzip2 fixes the following issues : Security issue fixed : - CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 125211 published 2019-05-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125211 title openSUSE Security Update : bzip2 (openSUSE-2019-1398) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-1398. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(125211); script_version("1.2"); script_cvs_date("Date: 2020/01/15"); script_cve_id("CVE-2016-3189"); script_name(english:"openSUSE Security Update : bzip2 (openSUSE-2019-1398)"); script_summary(english:"Check for the openSUSE-2019-1398 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for bzip2 fixes the following issues : Security issue fixed : - CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=985657" ); script_set_attribute( attribute:"solution", value:"Update the affected bzip2 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bzip2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bzip2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:bzip2-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libbz2-devel-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/30"); script_set_attribute(attribute:"patch_publication_date", value:"2019/05/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/16"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"bzip2-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"bzip2-debuginfo-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"bzip2-debugsource-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libbz2-1-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libbz2-1-debuginfo-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libbz2-devel-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libbz2-1-32bit-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libbz2-1-32bit-debuginfo-1.0.6-lp150.4.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libbz2-devel-32bit-1.0.6-lp150.4.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bzip2 / bzip2-debuginfo / bzip2-debugsource / libbz2-1 / etc"); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-4038-1.NASL description Aladdin Mubaied discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-3189) It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-12900). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126305 published 2019-06-27 reporter Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126305 title Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : bzip2 vulnerabilities (USN-4038-1) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2019-195-01.NASL description New bzip2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126685 published 2019-07-15 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126685 title Slackware 14.0 / 14.1 / 14.2 / current : bzip2 (SSA:2019-195-01) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2560.NASL description According to the version of the bzip2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.(CVE-2016-3189) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-19 plugin id 132277 published 2019-12-19 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132277 title EulerOS 2.0 SP3 : bzip2 (EulerOS-SA-2019-2560) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2411.NASL description According to the version of the bzip2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block.(CVE-2016-3189) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-12-10 plugin id 131903 published 2019-12-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/131903 title EulerOS 2.0 SP2 : bzip2 (EulerOS-SA-2019-2411) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_4B6CB45D881E447AA4E0C97A954EA758.NASL description bzip2 developers reports : CVE-2016-3189 - Fix use-after-free in bzip2recover (Jakub Martisko) CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files (Albert Astals Cid). Found through fuzzing karchive. last seen 2020-06-01 modified 2020-06-02 plugin id 126364 published 2019-07-01 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126364 title FreeBSD : bzip2 -- multiple issues (4b6cb45d-881e-447a-a4e0-c97a954ea758) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201708-08.NASL description The remote host is affected by the vulnerability described in GLSA-201708-08 (bzip2: Denial of Service) A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. Please review the CVE identifier referenced below for details. Impact : A remote attacker could entice a user to process a specially crafted bzip2 archive using bzip2recover, possibly resulting in a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 102620 published 2017-08-21 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/102620 title GLSA-201708-08 : bzip2: Denial of Service NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1206-1.NASL description This update for bzip2 fixes the following issues : Security issue fixed : CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124854 published 2019-05-13 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124854 title SUSE SLED15 / SLES15 Security Update : bzip2 (SUSE-SU-2019:1206-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1206-2.NASL description This update for bzip2 fixes the following issues : Security issue fixed : CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126493 published 2019-07-05 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126493 title SUSE SLED15 / SLES15 Security Update : bzip2 (SUSE-SU-2019:1206-2) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1435.NASL description This update for bzip2 fixes the following issues : Security issue fixed : - CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 125350 published 2019-05-23 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125350 title openSUSE Security Update : bzip2 (openSUSE-2019-1435) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-1955-1.NASL description This update for bzip2 fixes the following issues : Security issue fixed : CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083). CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 126985 published 2019-07-24 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126985 title SUSE SLED12 / SLES12 Security Update : bzip2 (SUSE-SU-2019:1955-1)
References
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
- http://www.openwall.com/lists/oss-security/2016/06/20/1
- http://www.openwall.com/lists/oss-security/2016/06/20/1
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.securityfocus.com/bid/91297
- http://www.securityfocus.com/bid/91297
- http://www.securitytracker.com/id/1036132
- http://www.securitytracker.com/id/1036132
- https://bugzilla.redhat.com/show_bug.cgi?id=1319648
- https://bugzilla.redhat.com/show_bug.cgi?id=1319648
- https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r19b4a70ac52093115fd71d773a7a4f579599e6275a13cfcf6252c3e3%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r1dc4c9b3bd559301bdb1557245f78b8910146efb1ee534b774c5f6af%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r481cda41fefb03e04c51484ed14421d812e5ce9e0972edff10f37260%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r4ad2ea01354e394b7fa8c78a184b7e1634d51be9bc0e9e4d7e6c9305%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r5f7ac2bd631ccb12ced65b71ff11f94e76d05b22000795e4a7b61203%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r5f80cf3ade5bb73410643e885fe6b7bf9f0222daf3533e42c7ae240c%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/r6e3962fc9f6a79851f70cffdec5759065969cec9c6708b964464b301%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
- https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
- https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/redf17d8ad16140733b25ca402ae825d6dfa9b85f73d9fb3fd0c75d73%40%3Cdev.kafka.apache.org%3E
- https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E
- https://lists.apache.org/thread.html/rffebcbeaace56ff1fed7916700d2f414ca1366386fb1293e99b3e31e%40%3Cjira.kafka.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
- https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
- https://seclists.org/bugtraq/2019/Aug/4
- https://seclists.org/bugtraq/2019/Aug/4
- https://seclists.org/bugtraq/2019/Jul/22
- https://seclists.org/bugtraq/2019/Jul/22
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
- https://security.gentoo.org/glsa/201708-08
- https://security.gentoo.org/glsa/201708-08
- https://usn.ubuntu.com/4038-1/
- https://usn.ubuntu.com/4038-1/
- https://usn.ubuntu.com/4038-2/
- https://usn.ubuntu.com/4038-2/
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html