Number: AV21-651
Date: 22 December 2021
Between 14 and 19 December 2021 Ubuntu published Security Notices to address critical vulnerabilities which may affect multiple products using the Apache Log4j logging utility.
Exploitation of these vulnerabilities could lead to remote code execution.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates when available.
Ubuntu Security Notices
https://ubuntu.com/security/notices
Ubuntu Log4Shell
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Log4Shell
Active Exploitation of Apache Log4j Vulnerability (AL21-019)
https://cyber.gc.ca/en/alerts/active-exploitation-apache-log4j-vulnerability