USN-4448-1: Tomcat vulnerabilities

Releases

• Ubuntu 16.04 ESM

Packages

• tomcat8 - Servlet and JSP engine

Details

It was discovered that Tomcat incorrectly validated the payload length in
a WebSocket frame. A remote attacker could possibly use this issue to cause
Tomcat to hang, resulting in a denial of service. (CVE-2020-13935)

It was discovered that Tomcat incorrectly handled HTTP header parsing. In
certain environments where Tomcat is located behind a reverse proxy, a
remote attacker could possibly use this issue to perform HTTP Reqest
Smuggling. (CVE-2020-1935)

It was discovered that Tomcat incorrectly handled certain uncommon
PersistenceManager with FileStore configurations. A remote attacker could
possibly use this issue to execute arbitrary code. (CVE-2020-9484)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

• libtomcat8-java - 8.0.32-1ubuntu1.13
• tomcat8 - 8.0.32-1ubuntu1.13

In general, a standard system update will make all the necessary changes.

References

• CVE-2020-13935
• CVE-2020-1935
• CVE-2020-9484

Related notices

• USN-4596-1: libtomcat9-java, tomcat9-docs, tomcat9-user, tomcat9, tomcat9-common, tomcat9-admin, tomcat9-examples, libtomcat9-embed-java
• USN-5360-1: libtomcat9-java, tomcat9-docs, tomcat9-user, tomcat9, tomcat9-common, tomcat9-admin, tomcat9-examples, libtomcat9-embed-java
• USN-6908-1: libservlet3.0-java-doc, tomcat7-common, tomcat7-admin, tomcat7-examples, tomcat7-user, libtomcat7-java, tomcat7-docs, tomcat7, libservlet3.0-java
• USN-6943-1: tomcat8-common, libtomcat8-embed-java, libtomcat9-java, tomcat9-docs, tomcat9-user, tomcat8-admin, tomcat9, tomcat8-examples, tomcat8-user, tomcat9-common, tomcat9-admin, libservlet3.1-java-doc, libservlet3.1-java, tomcat8-docs, libtomcat8-java, tomcat9-examples, libtomcat9-embed-java, tomcat8