USN-3729-1: libxcursor vulnerability | Cloud Foundry

2018-09-11T00:00:00
ID CFOUNDRY:270743B25C52E81E669971AAEDFBCABC
Type cloudfoundry
Reporter Cloud Foundry
Modified 2018-09-11T00:00:00

Description

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04

Description

It was discovered that libxcursor incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

  • All versions of Cloud Foundry cflinuxfs2 prior to 1.228.0

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.228.0 or later.

References