Ubuntu alert USN-7781-1 (inetutils)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7781-1] Inetutils vulnerabilities | |
| Date: | Mon, 29 Sep 2025 05:32:13 +0000 | |
| Message-ID: | <E1v36Uf-0005hw-EV@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7781-1 September 28, 2025 inetutils vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Inetutils. Software Description: - inetutils: Collection of common network programs Details: Matthew Hickey discovered that Inetutils did not correctly handle certain escape characters. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-0053) It was discovered that Inetutils did not correctly handle certain memory operations. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-10188) It was discovered that Inetutils did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-39028) It was discovered that Inetutils did not check the return values of set*id functions. An attacker could possibly use this issue to escalate their privileges. (CVE-2023-40303) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS inetutils-ftp 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-ftpd 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-inetd 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-ping 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-syslogd 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-talk 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-telnet 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-tools 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro inetutils-traceroute 2:1.9.4-11ubuntu0.2+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS inetutils-ftp 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-ftpd 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-inetd 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-ping 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-syslogd 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-talk 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-telnet 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-tools 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro inetutils-traceroute 2:1.9.4-3ubuntu0.1+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS inetutils-ftp 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-ftpd 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-inetd 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-ping 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-syslogd 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-talk 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-telnet 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-tools 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro inetutils-traceroute 2:1.9.4-1ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 14.04 LTS inetutils-ftp 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-ftpd 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-inetd 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-ping 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-syslogd 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-talk 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-telnet 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-tools 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro inetutils-traceroute 2:1.9.2-1ubuntu0.1~esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7781-1 CVE-2019-0053, CVE-2020-10188, CVE-2022-39028, CVE-2023-40303
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmjaGFUACgkQcpJm3tlz hgHC/g/9GxMrMRJxCUPYSviYR/TJ2ZxxBM8OlhPREOQS11sXlqvQ9bTPAOG/8+G+ D8rUiVwLwescxdFGCbWfvKlgdmkCmykTHCUdqoCzJ8vwQrNSepSWzsmKmiQZKFE0 5dp/4bozpEUC+3Mld7HC6zIlJFdDPFRQN2snC3MgSHVvD0Vz4vsC3SgLi8Xii0ai cRHOyDgKATtJV/MWZxc9hOfaI2Eozf5Tb9cKP/wYuyMXFGLXtCQy+aCse/kk1hb3 oucL/9x9iC5PibBVGcRZWkFjXtyKZgEjlcz2OcLzqn9ELbiwwjs86KfWm1k+837y 75k3/VFD1q/o9xWIObrm7jsUyhtJn2a75UxSGBcp9EOAtgudvEn2zGPZkRuEBref UK6YRsKvYQ6D3YDwxatSsE1vzlMZlG41TPRgOoxact3Y3MGA61lJ1Jp3yQQRcbP5 UmDFbjwpEq1FxnnMiKxl2gYKQQ1FYYAYEnsZkxadC+4qN+Ko+vvHGRkzKI/sLkXB bPjRnYLhKlhuZO+QpOn6KkbkBMLcnDcmfWKo5NO9/R99r/n67IoebSoBSD1BWzsV l0qPjvghTBkpmNjyF5ZPR2Y2R5O3CrAIf7Dw5GR8hd8XgfNK3/9OSB9DribRGya2 n1Ty1TrQ6giQjOLruSDX7A3F3lo2nZso4RdOZpotNNK5cxN2KDQ= =NKHV -----END PGP SIGNATURE-----