Ubuntu Security Notice USN-6046-1 ≈ Packet Storm

Home^[1] Files^[2] News^[3] &[SERVICES_TAB] Contact^[4] Add New^[5]

Change Mirror^[14] Download^[15]

        ==========================================================================
Ubuntu Security Notice USN-6046-1
April 27, 2023
openssl-ibmca vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
Summary:
OpenSSL-ibmca could be made to expose sensitive information.
Software Description:
- openssl-ibmca: libica based hardware acceleration engine for OpenSSL
Details:
It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption.
An attacker could possibly use this issue to expose sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.10:
openssl-ibmca                   2.3.0-0ubuntu1.1
Ubuntu 22.04 LTS:
openssl-ibmca                   2.2.3-0ubuntu1.1
Ubuntu 20.04 LTS:
openssl-ibmca                   2.1.0-0ubuntu1.20.04.2
Ubuntu 18.04 LTS:
openssl-ibmca                   1.4.1-0ubuntu1.2
Ubuntu 16.04 ESM:
openssl-ibmca                   1.3.0-0ubuntu2.16.04.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6046-1
https://launchpad.net/bugs/2015454
Package Information:
https://launchpad.net/ubuntu/+source/openssl-ibmca/2.3.0-0ubuntu1.1
https://launchpad.net/ubuntu/+source/openssl-ibmca/2.2.3-0ubuntu1.1
https://launchpad.net/ubuntu/+source/openssl-ibmca/2.1.0-0ubuntu1.20.04.2
https://launchpad.net/ubuntu/+source/openssl-ibmca/1.4.1-0ubuntu1.2

• Follow us on Twitter^[18]
• Follow us on Facebook^[19]
• Subscribe to an RSS Feed^[20]

File Tags

• ActiveX^[21] (932)
• Advisory^[22] (80,848)
• Arbitrary^[23] (15,975)
• BBS^[24] (2,859)
• Bypass^[25] (1,662)
• CGI^[26] (1,024)
• Code Execution^[27] (7,099)
• Conference^[28] (677)
• Cracker^[29] (840)
• CSRF^[30] (3,311)
• DoS^[31] (23,019)
• Encryption^[32] (2,359)
• Exploit^[33] (50,946)
• File Inclusion^[34] (4,189)
• File Upload^[35] (951)
• Firewall^[36] (821)
• Info Disclosure^[37] (2,701)
• Intrusion Detection^[38] (879)
• Java^[39] (2,993)
• JavaScript^[40] (834)
• Kernel^[41] (6,511)
• Local^[42] (14,344)
• Magazine^[43] (586)
• Overflow^[44] (12,558)
• Perl^[45] (1,419)
• PHP^[46] (5,114)
• Proof of Concept^[47] (2,300)
• Protocol^[48] (3,516)
• Python^[49] (1,489)
• Remote^[50] (30,393)
• Root^[51] (3,543)
• Rootkit^[52] (505)
• Ruby^[53] (604)
• Scanner^[54] (1,633)
• Security Tool^[55] (7,836)
• Shell^[56] (3,146)
• Shellcode^[57] (1,211)
• Sniffer^[58] (892)
• Spoof^[59] (2,188)
• SQL Injection^[60] (16,195)
• TCP^[61] (2,390)
• Trojan^[62] (687)
• UDP^[63] (882)
• Virus^[64] (663)
• Vulnerability^[65] (31,453)
• Web^[66] (9,502)
• Whitepaper^[67] (3,741)
• x86^[68] (948)
• XSS^[69] (17,626)
• Other^[70]

File Archives

• April 2023^[71]
• March 2023^[72]
• February 2023^[73]
• January 2023^[74]
• December 2022^[75]
• November 2022^[76]
• October 2022^[77]
• September 2022^[78]
• August 2022^[79]
• July 2022^[80]
• June 2022^[81]
• May 2022^[82]
• Older^[83]

Systems

• AIX^[84] (426)
• Apple^[85] (1,966)
• BSD^[86] (372)
• CentOS^[87] (57)
• Cisco^[88] (1,920)
• Debian^[89] (6,728)
• Fedora^[90] (1,691)
• FreeBSD^[91] (1,244)
• Gentoo^[92] (4,288)
• HPUX^[93] (878)
• iOS^[94] (342)
• iPhone^[95] (108)
• IRIX^[96] (220)
• Juniper^[97] (67)
• Linux^[98] (45,376)
• Mac OS X^[99] (684)
• Mandriva^[100] (3,105)
• NetBSD^[101] (256)
• OpenBSD^[102] (482)
• RedHat^[103] (13,075)
• Slackware^[104] (941)
• Solaris^[105] (1,609)
• SUSE^[106] (1,444)
• Ubuntu^[107] (8,522)
• UNIX^[108] (9,221)
• UnixWare^[109] (185)
• Windows^[110] (6,543)
• Other^[111]

© 2022 Packet Storm. All rights reserved.

Read more https://packetstormsecurity.com/files/172065/USN-6046-1.txt