USN-4448-1: Tomcat vulnerabilities

Releases

• Ubuntu 16.04 ESM

Packages

• tomcat8 - Servlet and JSP engine

Details

It was discovered that Tomcat incorrectly validated the payload length in
a WebSocket frame. A remote attacker could possibly use this issue to cause
Tomcat to hang, resulting in a denial of service. (CVE-2020-13935)

It was discovered that Tomcat incorrectly handled HTTP header parsing. In
certain environments where Tomcat is located behind a reverse proxy, a
remote attacker could possibly use this issue to perform HTTP Reqest
Smuggling. (CVE-2020-1935)

It was discovered that Tomcat incorrectly handled certain uncommon
PersistenceManager with FileStore configurations. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2020-9484)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

• libtomcat8-java - 8.0.32-1ubuntu1.13
• tomcat8 - 8.0.32-1ubuntu1.13

In general, a standard system update will make all the necessary changes.

References

• CVE-2020-13935
• CVE-2020-1935
• CVE-2020-9484

Related notices

• USN-4596-1: tomcat9-common, libtomcat9-embed-java, tomcat9, tomcat9-user, libtomcat9-java, tomcat9-examples, tomcat9-docs, tomcat9-admin
• USN-5360-1: tomcat9-common, libtomcat9-embed-java, tomcat9, tomcat9-user, libtomcat9-java, tomcat9-examples, tomcat9-docs, tomcat9-admin
• USN-6908-1: tomcat7-examples, tomcat7-common, tomcat7, tomcat7-docs, libservlet3.0-java, libservlet3.0-java-doc, libtomcat7-java, tomcat7-admin, tomcat7-user
• USN-6943-1: libservlet3.1-java-doc, tomcat9-common, libtomcat9-embed-java, tomcat9, libservlet3.1-java, tomcat8, tomcat8-admin, tomcat8-user, tomcat9-user, libtomcat8-java, libtomcat9-java, tomcat8-docs, tomcat9-examples, tomcat9-docs, tomcat8-examples, tomcat9-admin, tomcat8-common, libtomcat8-embed-java