NVD Description

Note: Versions mentioned in the description apply only to the upstream apparmor package and not the apparmor package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

In all versions of AppArmor mount rules are accidentally widened when compiled.

Remediation

There is no fixed version for Ubuntu:16.04 apparmor.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-1585
• https://security-tracker.debian.org/tracker/CVE-2016-1585
• https://bugs.launchpad.net/apparmor/+bug/1597017
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream dpkg package and not the dpkg package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.

Remediation

Upgrade Ubuntu:16.04 dpkg to version 1.18.4ubuntu1.7+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-1664
• https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495
• https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5
• https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b
• https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be
• https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html
• https://lists.debian.org/debian-security-announce/2022/msg00115.html
• https://security.netapp.com/advisory/ntap-20221007-0002/

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-18269
• https://security-tracker.debian.org/tracker/CVE-2017-18269
• https://github.com/fingolfin/memmove-bug
• https://sourceware.org/bugzilla/show_bug.cgi?id=22644
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
• https://security.netapp.com/advisory/ntap-20190329-0001/
• https://security.netapp.com/advisory/ntap-20190401-0001/
• https://usn.ubuntu.com/4416-1/
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6485
• https://sourceware.org/bugzilla/show_bug.cgi?id=22343
• http://bugs.debian.org/878159
• https://security-tracker.debian.org/tracker/CVE-2018-6485
• https://security.netapp.com/advisory/ntap-20190404-0003/
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• https://access.redhat.com/errata/RHBA-2019:0327
• https://access.redhat.com/errata/RHSA-2018:3092
• http://www.securityfocus.com/bid/102912
• https://usn.ubuntu.com/4416-1/
• https://usn.ubuntu.com/4218-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-11236
• https://security-tracker.debian.org/tracker/CVE-2018-11236
• https://sourceware.org/bugzilla/show_bug.cgi?id=22786
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2
• https://security.netapp.com/advisory/ntap-20190329-0001/
• https://security.netapp.com/advisory/ntap-20190401-0001/
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• https://access.redhat.com/errata/RHBA-2019:0327
• https://access.redhat.com/errata/RHSA-2018:3092
• http://www.securityfocus.com/bid/104255
• https://usn.ubuntu.com/4416-1/
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2

NVD Description

Note: Versions mentioned in the description apply only to the upstream lz4 package and not the lz4 package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.

Remediation

Upgrade Ubuntu:16.04 lz4 to version 0.0~r131-2ubuntu2+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-3520
• https://bugzilla.redhat.com/show_bug.cgi?id=1954559
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com//security-alerts/cpujul2021.html
• https://access.redhat.com/errata/RHBA-2021:2854
• https://access.redhat.com/errata/RHSA-2021:2575
• https://access.redhat.com/errata/RHSA-2022:1345
• https://access.redhat.com/errata/RHSA-2022:5606
• https://access.redhat.com/errata/RHSA-2022:6407
• https://access.redhat.com/security/cve/CVE-2021-3520
• https://security.netapp.com/advisory/ntap-20211104-0005/
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Remediation

Upgrade Ubuntu:16.04 zlib to version 1:1.2.8.dfsg-2ubuntu4.3+esm2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-37434
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/
• https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
• http://seclists.org/fulldisclosure/2022/Oct/37
• http://seclists.org/fulldisclosure/2022/Oct/38
• http://seclists.org/fulldisclosure/2022/Oct/41
• http://seclists.org/fulldisclosure/2022/Oct/42
• http://www.openwall.com/lists/oss-security/2022/08/05/2
• http://www.openwall.com/lists/oss-security/2022/08/09/1
• https://github.com/ivd38/zlib_overflow
• https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063
• https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1
• https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764
• https://lists.debian.org/debian-lts-announce/2022/09/msg00012.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWN4VE3JQR4O2SOUS5TXNLANRPMHWV4I/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMBOJ77A7T7PQCARMDUK75TE6LLESZ3O/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAVPQNCG3XRLCLNSQRM3KAN5ZFMVXVTY/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5U7OTKZSHY2I3ZFJSR2SHFHW72RKGDK/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YRQAI7H4M4RQZ2IWZUEEXECBE5D56BH2/
• https://security.netapp.com/advisory/ntap-20220901-0005/
• https://security.netapp.com/advisory/ntap-20230427-0007/
• https://support.apple.com/kb/HT213488
• https://support.apple.com/kb/HT213489
• https://support.apple.com/kb/HT213490
• https://support.apple.com/kb/HT213491
• https://support.apple.com/kb/HT213493
• https://support.apple.com/kb/HT213494
• https://www.debian.org/security/2022/dsa-5218
• https://github.com/curl/curl/issues/9271

NVD Description

Note: Versions mentioned in the description apply only to the upstream gzip package and not the gzip package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Ubuntu:16.04 gzip to version 1.6-4ubuntu1+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-1271
• https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://access.redhat.com/security/cve/CVE-2022-1271
• https://bugzilla.redhat.com/show_bug.cgi?id=2073310
• https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
• https://security-tracker.debian.org/tracker/CVE-2022-1271
• https://security.gentoo.org/glsa/202209-01
• https://security.netapp.com/advisory/ntap-20220930-0006/
• https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
• https://www.openwall.com/lists/oss-security/2022/04/07/8

NVD Description

Note: Versions mentioned in the description apply only to the upstream xz-utils package and not the xz-utils package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Ubuntu:16.04 xz-utils to version 5.1.1alpha+20120614-2ubuntu2.16.04.1+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-1271
• https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://access.redhat.com/security/cve/CVE-2022-1271
• https://bugzilla.redhat.com/show_bug.cgi?id=2073310
• https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
• https://security-tracker.debian.org/tracker/CVE-2022-1271
• https://security.gentoo.org/glsa/202209-01
• https://security.netapp.com/advisory/ntap-20220930-0006/
• https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
• https://www.openwall.com/lists/oss-security/2022/04/07/8

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

Remediation

Upgrade Ubuntu:16.04 perl to version 5.22.1-9ubuntu0.9+esm2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-31484
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/
• http://www.openwall.com/lists/oss-security/2023/04/29/1
• http://www.openwall.com/lists/oss-security/2023/05/03/3
• http://www.openwall.com/lists/oss-security/2023/05/03/5
• http://www.openwall.com/lists/oss-security/2023/05/07/2
• https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
• https://github.com/andk/cpanpm/pull/175
• https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/
• https://metacpan.org/dist/CPAN/changes
• https://security.netapp.com/advisory/ntap-20240621-0007/
• https://www.openwall.com/lists/oss-security/2023/04/18/14

NVD Description

Note: Versions mentioned in the description apply only to the upstream e2fsprogs package and not the e2fsprogs package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Remediation

Upgrade Ubuntu:16.04 e2fsprogs to version 1.42.13-1ubuntu1.2+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-1304
• https://access.redhat.com/errata/RHSA-2022:7720
• https://access.redhat.com/errata/RHSA-2022:8361
• https://access.redhat.com/security/cve/CVE-2022-1304
• https://lists.debian.org/debian-lts-announce/2024/10/msg00001.html
• https://security.netapp.com/advisory/ntap-20241122-0010/
• https://bugzilla.redhat.com/show_bug.cgi?id=2069726

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-3999
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e
• https://access.redhat.com/errata/RHSA-2022:0896
• https://access.redhat.com/security/cve/CVE-2021-3999
• https://bugzilla.redhat.com/show_bug.cgi?id=2024637
• https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html
• https://security-tracker.debian.org/tracker/CVE-2021-3999
• https://security.netapp.com/advisory/ntap-20221104-0001/
• https://sourceware.org/bugzilla/show_bug.cgi?id=28769
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e
• https://www.openwall.com/lists/oss-security/2022/01/24/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-11237
• https://security-tracker.debian.org/tracker/CVE-2018-11237
• https://www.exploit-db.com/exploits/44750/
• https://sourceware.org/bugzilla/show_bug.cgi?id=23196
• https://security.netapp.com/advisory/ntap-20190329-0001/
• https://security.netapp.com/advisory/ntap-20190401-0001/
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• https://access.redhat.com/errata/RHBA-2019:0327
• https://access.redhat.com/errata/RHSA-2018:3092
• http://www.securityfocus.com/bid/104256
• https://usn.ubuntu.com/4416-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libcap2 package and not the libcap2 package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

Remediation

Upgrade Ubuntu:16.04 libcap2 to version 1:2.24-12ubuntu0.1~esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-2603
• https://bugzilla.redhat.com/show_bug.cgi?id=2209113
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ57ICDLMVYEREXQGZWL4GWI7FRJCRQT/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPEGCFMCN5KGCFX5Y2VTKR732TTD4ADW/
• https://www.x41-dsec.de/static/reports/X41-libcap-Code-Review-2023-OSTIF-Final-Report.pdf

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

Remediation

Upgrade Ubuntu:16.04 ncurses to version 6.0+20160213-1ubuntu1+esm3 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-29491
• http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
• http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
• http://www.openwall.com/lists/oss-security/2023/04/19/10
• http://www.openwall.com/lists/oss-security/2023/04/19/11
• https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
• https://security.netapp.com/advisory/ntap-20230517-0009/
• https://support.apple.com/kb/HT213843
• https://support.apple.com/kb/HT213844
• https://support.apple.com/kb/HT213845
• https://www.openwall.com/lists/oss-security/2023/04/12/5
• https://www.openwall.com/lists/oss-security/2023/04/13/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream pam package and not the pam package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Remediation

There is no fixed version for Ubuntu:16.04 pam.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-8941
• https://access.redhat.com/security/cve/CVE-2025-8941
• https://bugzilla.redhat.com/show_bug.cgi?id=2388220
• https://access.redhat.com/errata/RHSA-2025:14557
• https://access.redhat.com/errata/RHSA-2025:15100
• https://access.redhat.com/errata/RHSA-2025:15104
• https://access.redhat.com/errata/RHSA-2025:15107
• https://access.redhat.com/errata/RHSA-2025:15099
• https://access.redhat.com/errata/RHSA-2025:15101
• https://access.redhat.com/errata/RHSA-2025:15102
• https://access.redhat.com/errata/RHSA-2025:15103
• https://access.redhat.com/errata/RHSA-2025:15105
• https://access.redhat.com/errata/RHSA-2025:15106
• https://access.redhat.com/errata/RHSA-2025:15709
• https://access.redhat.com/errata/RHSA-2025:15828
• https://access.redhat.com/errata/RHSA-2025:15827
• https://access.redhat.com/errata/RHSA-2025:16524
• https://access.redhat.com/errata/RHSA-2025:18219
• https://access.redhat.com/errata/RHSA-2025:17181
• https://access.redhat.com/errata/RHSA-2025:21885

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

CPAN 2.28 allows Signature Verification Bypass.

Remediation

Upgrade Ubuntu:16.04 perl to version 5.22.1-9ubuntu0.9+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-16156
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
• http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
• https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
• https://lists.debian.org/debian-lts-announce/2024/10/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
• https://metacpan.org/pod/distribution/CPAN/scripts/cpan

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.

Remediation

Upgrade Ubuntu:16.04 systemd to version 229-4ubuntu21.27 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-1712
• https://security-tracker.debian.org/tracker/CVE-2020-1712
• https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54
• https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb
• https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d
• https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2
• https://www.openwall.com/lists/oss-security/2020/02/05/1
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712
• https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

Remediation

Upgrade Ubuntu:16.04 zlib to version 1:1.2.8.dfsg-2ubuntu4.3+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-25032
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
• http://seclists.org/fulldisclosure/2022/May/33
• http://seclists.org/fulldisclosure/2022/May/35
• http://seclists.org/fulldisclosure/2022/May/38
• http://www.openwall.com/lists/oss-security/2022/03/25/2
• http://www.openwall.com/lists/oss-security/2022/03/26/1
• https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
• https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
• https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
• https://github.com/madler/zlib/issues/605
• https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html
• https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html
• https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/
• https://security.gentoo.org/glsa/202210-42
• https://security.netapp.com/advisory/ntap-20220526-0009/
• https://security.netapp.com/advisory/ntap-20220729-0004/
• https://support.apple.com/kb/HT213255
• https://support.apple.com/kb/HT213256
• https://support.apple.com/kb/HT213257
• https://www.debian.org/security/2022/dsa-5111
• https://www.openwall.com/lists/oss-security/2022/03/24/1
• https://www.openwall.com/lists/oss-security/2022/03/28/1
• https://www.openwall.com/lists/oss-security/2022/03/28/3
• https://www.oracle.com/security-alerts/cpujul2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-1751
• https://security-tracker.debian.org/tracker/CVE-2020-1751
• https://security.gentoo.org/glsa/202006-04
• https://sourceware.org/bugzilla/show_bug.cgi?id=25423
• https://security.netapp.com/advisory/ntap-20200430-0002/
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751
• https://usn.ubuntu.com/4416-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream e2fsprogs package and not the e2fsprogs package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

Remediation

Upgrade Ubuntu:16.04 e2fsprogs to version 1.42.13-1ubuntu1.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5188
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5188
• https://security-tracker.debian.org/tracker/CVE-2019-5188
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/
• https://lists.debian.org/debian-lts-announce/2020/03/msg00030.html
• https://lists.debian.org/debian-lts-announce/2020/07/msg00021.html
• http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00004.html
• https://talosintelligence.com/vulnerability_reports/TALOS-2019-0973
• https://usn.ubuntu.com/4249-1/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/
• https://security.netapp.com/advisory/ntap-20220506-0001/

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg package and not the gnupg package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.

Remediation

Upgrade Ubuntu:16.04 gnupg to version 1.4.20-1ubuntu3.3+esm2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-34903
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/
• http://www.openwall.com/lists/oss-security/2022/07/02/1
• https://bugs.debian.org/1014157
• https://dev.gnupg.org/T6027
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRLWJQ76A4UKHI3Q36BKSJKS4LFLQO33/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAR76EIZY7NQFENSOZO7U473257OVZ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VN63GBTMRWO36Y7BKA2WQHROAKCXKCBL/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU64FUVG2PRZBSHFOQRSP7KDVEIZ23OS/
• https://security.netapp.com/advisory/ntap-20220826-0005/
• https://www.debian.org/security/2022/dsa-5174
• https://www.openwall.com/lists/oss-security/2022/06/30/1

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

Remediation

Upgrade Ubuntu:16.04 ncurses to version 6.0+20160213-1ubuntu1+esm4 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-19189
• http://seclists.org/fulldisclosure/2023/Dec/10
• http://seclists.org/fulldisclosure/2023/Dec/11
• http://seclists.org/fulldisclosure/2023/Dec/9
• https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md
• https://lists.debian.org/debian-lts-announce/2023/09/msg00033.html
• https://security.netapp.com/advisory/ntap-20231006-0005/
• https://support.apple.com/kb/HT214036
• https://support.apple.com/kb/HT214037
• https://support.apple.com/kb/HT214038

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgcrypt20 package and not the libgcrypt20 package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.

Remediation

Upgrade Ubuntu:16.04 libgcrypt20 to version 1.6.5-2ubuntu0.6 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-13627
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627
• https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html
• https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html
• https://security-tracker.debian.org/tracker/CVE-2019-13627
• https://security.gentoo.org/glsa/202003-32
• https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5
• https://minerva.crocs.fi.muni.cz/
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html
• http://www.openwall.com/lists/oss-security/2019/10/02/2
• https://usn.ubuntu.com/4236-1/
• https://usn.ubuntu.com/4236-2/
• https://usn.ubuntu.com/4236-3/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgcrypt20 package and not the libgcrypt20 package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.

Remediation

Upgrade Ubuntu:16.04 libgcrypt20 to version 1.6.5-2ubuntu0.6+esm1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-40528
• https://eprint.iacr.org/2021/923
• https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
• https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
• https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320
• https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320
• https://security.gentoo.org/glsa/202210-13

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;

Remediation

Upgrade Ubuntu:16.04 apt to version 1.2.32ubuntu0.2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-27350
• https://bugs.launchpad.net/bugs/1899193
• https://security.netapp.com/advisory/ntap-20210108-0005/
• https://www.debian.org/security/2020/dsa-4808
• https://usn.ubuntu.com/usn/usn-4667-1

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.

Remediation

Upgrade Ubuntu:16.04 apt to version 1.2.32ubuntu0.1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-3810
• https://security-tracker.debian.org/tracker/CVE-2020-3810
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U4PEH357MZM2SUGKETMEHMSGQS652QHH/
• https://github.com/Debian/apt/issues/111
• https://bugs.launchpad.net/bugs/1878177
• https://lists.debian.org/debian-security-announce/2020/msg00089.html
• https://salsa.debian.org/apt-team/apt/-/commit/dceb1e49e4b8e4dadaf056be34088b415939cda6
• https://tracker.debian.org/news/1144109/accepted-apt-212-source-into-unstable/
• https://usn.ubuntu.com/4359-2/
• https://usn.ubuntu.com/4359-1/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4PEH357MZM2SUGKETMEHMSGQS652QHH/

NVD Description

Note: Versions mentioned in the description apply only to the upstream pam package and not the pam package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

Remediation

Upgrade Ubuntu:16.04 pam to version 1.1.8-3.2ubuntu2.3+esm5 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-22365
• http://www.openwall.com/lists/oss-security/2024/01/18/3
• https://github.com/linux-pam/linux-pam
• https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb
• https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0
• https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Remediation

Upgrade Ubuntu:16.04 systemd to version 229-4ubuntu21.31+esm3 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-3821
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
• https://bugzilla.redhat.com/show_bug.cgi?id=2139327
• https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
• https://github.com/systemd/systemd/issues/23928
• https://github.com/systemd/systemd/pull/23933
• https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
• https://security.gentoo.org/glsa/202305-15

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

Remediation

Upgrade Ubuntu:16.04 tar to version 1.28-2.1ubuntu0.2+esm2 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-48303
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
• https://savannah.gnu.org/bugs/?62387
• https://savannah.gnu.org/patch/?10307

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm6 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-2961
• https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
• https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
• https://www.ambionics.io/blog/iconv-cve-2024-2961-p3
• http://www.openwall.com/lists/oss-security/2024/04/17/9
• http://www.openwall.com/lists/oss-security/2024/04/18/4
• http://www.openwall.com/lists/oss-security/2024/04/24/2
• http://www.openwall.com/lists/oss-security/2024/05/27/1
• http://www.openwall.com/lists/oss-security/2024/05/27/2
• http://www.openwall.com/lists/oss-security/2024/05/27/3
• http://www.openwall.com/lists/oss-security/2024/05/27/4
• http://www.openwall.com/lists/oss-security/2024/05/27/5
• http://www.openwall.com/lists/oss-security/2024/05/27/6
• http://www.openwall.com/lists/oss-security/2024/07/22/5
• https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
• https://security.netapp.com/advisory/ntap-20240531-0002/
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
• https://github.com/ambionics/cnext-exploits
• https://github.com/projectdiscovery/nuclei-templates/blob/main/dast/cves/2024/CVE-2024-2961.yaml

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

nscd: Stack-based buffer overflow in netgroup cache

If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm7 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-33599
• http://www.openwall.com/lists/oss-security/2024/07/22/5
• https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html
• https://security.netapp.com/advisory/ntap-20240524-0011/
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

nscd: Null pointer crashes after notfound response

If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm7 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-33600
• http://www.openwall.com/lists/oss-security/2024/07/22/5
• https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html
• https://security.netapp.com/advisory/ntap-20240524-0013/
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

nscd: netgroup cache may terminate daemon on memory allocation failure

The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm7 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-33601
• http://www.openwall.com/lists/oss-security/2024/07/22/5
• https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html
• https://security.netapp.com/advisory/ntap-20240524-0014/
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

nscd: netgroup cache assumes NSS callback uses in-buffer strings

The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd.

This vulnerability is only present in the nscd binary.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm7 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-33602
• http://www.openwall.com/lists/oss-security/2024/07/22/5
• https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html
• https://security.netapp.com/advisory/ntap-20240524-0012/
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm8 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-0395
• https://sourceware.org/bugzilla/show_bug.cgi?id=32582
• https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001
• https://sourceware.org/pipermail/libc-announce/2025/000044.html
• https://www.openwall.com/lists/oss-security/2025/01/22/4
• http://www.openwall.com/lists/oss-security/2025/01/22/4
• http://www.openwall.com/lists/oss-security/2025/01/23/2
• https://security.netapp.com/advisory/ntap-20250228-0006/
• http://www.openwall.com/lists/oss-security/2025/04/13/1
• http://www.openwall.com/lists/oss-security/2025/04/24/7
• https://lists.debian.org/debian-lts-announce/2025/04/msg00039.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm9 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-15281
• https://sourceware.org/bugzilla/show_bug.cgi?id=33814
• http://www.openwall.com/lists/oss-security/2026/01/20/3

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm9 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-8058
• https://sourceware.org/bugzilla/show_bug.cgi?id=33185
• https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f
• http://www.openwall.com/lists/oss-security/2025/07/23/1

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

Remediation

Upgrade Ubuntu:16.04 glibc to version 2.23-0ubuntu11.3+esm9 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2026-0915
• http://www.openwall.com/lists/oss-security/2026/01/16/6
• https://sourceware.org/bugzilla/show_bug.cgi?id=33802

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c.

Remediation

Upgrade Ubuntu:16.04 tar to version 1.28-2.1ubuntu0.2+esm3 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-39804
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058079
• https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
• https://git.savannah.gnu.org/cgit/tar.git/tree/src/xheader.c?h=release_1_34#n1723
• https://lists.debian.org/debian-lts-announce/2024/03/msg00008.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Ubuntu. See How to fix? for Ubuntu:16.04 relevant fixed versions and status.

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of "Member name contains '..'" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain "x -> ../../../../../home/victim/.ssh" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which "tar xf" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each "tar xf" in its Security Rules of Thumb; however, third-party advice leads users to run "tar xf" more than once into the same directory.

Remediation

There is no fixed version for Ubuntu:16.04 tar.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2025-45582
• https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md
• https://www.gnu.org/software/tar/
• https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html
• https://www.gnu.org/software/tar/manual/html_node/Integrity.html
• https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html
• http://www.openwall.com/lists/oss-security/2025/11/01/6