SUSE: 2018:2185-1 Important: glibc Buffer Overflow and Memory Leak

suse

August 3, 2018

An update that fixes 5 vulnerabilities is now available

Summary

This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c (bsc#1064580). - CVE-2017-15670: Fix buffer overflow in glob with GLOB_TILDE (bsc#1064583). - CVE-2017-15671: Fix memory leak in glob with GLOB_TILDE (bsc#1064569). - CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161). - CVE-2017-12132: Reduce advertised EDNS0 buffer size to guard against fragmentation attacks (bsc#1051791). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

Topics Covered

security advisory buffer overflow critical memory leak glibc integer overflow SUSE

References

#1051791 #1064569 #1064580 #1064583 #1094161

Cross- CVE-2017-12132 CVE-2017-15670 CVE-2017-15671

CVE-2017-15804 CVE-2018-11236

Affected Products:

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server 12-SP1-LTSS

https://www.suse.com/security/cve/CVE-2017-12132.html

https://www.suse.com/security/cve/CVE-2017-15670.html

https://www.suse.com/security/cve/CVE-2017-15671.html

https://www.suse.com/security/cve/CVE-2017-15804.html

https://www.suse.com/security/cve/CVE-2018-11236.html

https://bugzilla.suse.com/1051791

https://bugzilla.suse.com/1064569

https://bugzilla.suse.com/1064580

https://bugzilla.suse.com/1064583

https://bugzilla.suse.com/1094161

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2018:2185-1

Rating: important

Topics Covered

security advisory buffer overflow critical memory leak glibc integer overflow SUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2185-1 Important: glibc Buffer Overflow and Memory Leak

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2018:2185-1 Important: glibc Buffer Overflow and Memory Leak

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!