Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2024:2195-1 Important: HDF5 Security Update for Critical Fixes

suse
Calendar Grey June 25, 2024
Dist Suse Esm H88
Critical SUSE security notice released detailing several HDF5 vulnerabilities with serious implications. Prompt response necessary.
* bsc#1224158 Cross-References: * CVE-2017-17507 * CVE-2018-11205

Summary

## This update for hdf5 fixes the following issues: * Fix bsc#1224158 - this fixes: CVE-2024-29158, CVE-2024-29161, CVE-2024-29166, CVE-2024-32608, CVE-2024-32610, CVE-2024-32614, CVE-2024-32619, CVE-2024-32620, CVE-2024-33873, CVE-2024-33874, CVE-2024-33875 Additionally, these fixes resolve crashes triggered by the reproducers for CVE-2017-17507, CVE-2018-11205. These crashes appear to be unrelated to the original problems. This update also ships several missing PackageHub packages for 15 SP5 and 15 SP6. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2195=1 * openSUSE Leap 15.4

Topics%20covered

Topics Covered

security advisory buffer overflow critical DoS SUSE updates hdf5

References

* bsc#1224158

Cross-

* CVE-2017-17507

* CVE-2018-11205

* CVE-2024-29158

* CVE-2024-29161

* CVE-2024-29166

* CVE-2024-32608

* CVE-2024-32610

* CVE-2024-32614

* CVE-2024-32619

* CVE-2024-32620

* CVE-2024-33873

* CVE-2024-33874

* CVE-2024-33875

CVSS scores:

* CVE-2017-17507 ( SUSE ): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

* CVE-2017-17507 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2018-11205 ( SUSE ): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

* CVE-2018-11205 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

* CVE-2024-29158 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

* CVE-2024-29161 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2195-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow critical DoS SUSE updates hdf5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here