SUSE: 2022:2049-1 Critical: Bci/Nodejs Buffer Overflow and Injection Flaws
suse
September 7, 2022
The container bci/nodejs was updated
Summary
Advisory ID: SUSE-RU-2022:2944-1 Released: Wed Aug 31 05:39:14 2022 Summary: Recommended update for procps Type: recommended Severity: important Advisory ID: SUSE-SU-2022:2947-1 Released: Wed Aug 31 09:16:21 2022 Summary: Security update for zlib Type: security Severity: important Advisory ID: SUSE-RU-2022:2982-1 Released: Thu Sep 1 12:33:47 2022 Summary: Recommended update for util-linux Type: recommended
References
References : 1181475 1197178 1198731 1198925 1200842 1202175 1202593 CVE-2022-35252
CVE-2022-37434
1181475
This update for procps fixes the following issues:
- Fix 'free' command reporting misleading 'used' value (bsc#1181475)
1202175,CVE-2022-37434
This update for zlib fixes the following issues:
- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).
1197178,1198731,1200842
This update for util-linux fixes the following issues:
- su: Change owner and mode for pty (bsc#1200842)
- agetty: Resolve tty name even if stdin is specified (bsc#1197178)
- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)
- mesg: use only stat() to get the current terminal status (bsc#1200842)
1198925
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2022:2049-1
Container Tags : bci/node:12 , bci/node:12-16.170 , bci/nodejs:12 , bci/nodejs:12-16.170
Container Release : 16.170
Severity : important
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!