USN-7422-1: FIS-GT.M vulnerabilities
First published: Mon Apr 07 2025(Updated: )
It was discovered that FIS-GT.M could incorrectly dereference memory in certain instances. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44492, CVE-2021-44498, CVE-2021-44508) It was discovered that FIS-GT.M could perform a division by zero due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service. (CVE-2021-44500) It was discovered that FIS-GT.M could be forced to allocate memory of a chosen size through crafted input. An attacker could possibly use this issue to exhaust the available memory of FIS-GT.M, leading to a crash that would result in a denial of service. (CVE-2021-44502) It was discovered that FIS-GT.M could be forced to read from uninitialized memory due to a lack of input validation. An attacker could possibly use this issue to cause FIS-GT.M to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2021-44506) It was discovered that FIS-GT.M could crash due to an integer underflow. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44509, CVE-2021-44510)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/fis-gtm | <6.3-014-3ubuntu0.1~esm1 | 6.3-014-3ubuntu0.1~esm1 |
| Ubuntu | =22.04 | |
| All of | ||
| ubuntu/fis-gtm-6.3-014 | <6.3-014-3ubuntu0.1~esm1 | 6.3-014-3ubuntu0.1~esm1 |
| Ubuntu | =22.04 | |
| All of | ||
| ubuntu/fis-gtm | <6.3-007-1ubuntu0.1~esm1 | 6.3-007-1ubuntu0.1~esm1 |
| Ubuntu | =20.04 | |
| All of | ||
| ubuntu/fis-gtm-6.3-007 | <6.3-007-1ubuntu0.1~esm1 | 6.3-007-1ubuntu0.1~esm1 |
| Ubuntu | =20.04 | |
| All of | ||
| ubuntu/fis-gtm | <6.3-003A-2ubuntu0.1~esm1 | 6.3-003A-2ubuntu0.1~esm1 |
| Ubuntu | =18.04 | |
| All of | ||
| ubuntu/fis-gtm-6.3-003a | <6.3-003A-2ubuntu0.1~esm1 | 6.3-003A-2ubuntu0.1~esm1 |
| Ubuntu | =18.04 | |
| All of | ||
| ubuntu/fis-gtm | <6.2-002A-2ubuntu0.1~esm1 | 6.2-002A-2ubuntu0.1~esm1 |
| Ubuntu | =16.04 | |
| All of | ||
| ubuntu/fis-gtm-6.2-002 | <6.2-002A-2ubuntu0.1~esm1 | 6.2-002A-2ubuntu0.1~esm1 |
| Ubuntu | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2021-44502
- https://ubuntu.com/security/CVE-2021-44510
- https://ubuntu.com/security/CVE-2021-44506
- https://ubuntu.com/security/CVE-2021-44498
- https://ubuntu.com/security/CVE-2021-44492
- https://ubuntu.com/security/CVE-2021-44509
- https://ubuntu.com/security/CVE-2021-44500
- https://ubuntu.com/security/CVE-2021-44508
- https://ubuntu.com/security/notices/USN-7422-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-7422-1?
The severity of USN-7422-1 is categorized as medium due to the potential for denial of service.
How do I fix USN-7422-1?
You can fix USN-7422-1 by upgrading to the latest version of fis-gtm as specified in the advisory.
Which versions of Ubuntu are affected by USN-7422-1?
Ubuntu versions 16.04, 18.04, 20.04, and 22.04 are affected by USN-7422-1.
Can USN-7422-1 lead to data loss?
USN-7422-1 primarily causes a denial of service, which may disrupt services but does not directly lead to data loss.
Who can exploit the USN-7422-1 vulnerability?
An attacker with access to manipulate the FIS-GT.M software can exploit the vulnerability of USN-7422-1.
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/source
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/tags
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/event
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu
- version/ubuntu/22.04
- version/ubuntu/20.04
- version/ubuntu/18.04
- version/ubuntu/16.04