Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
91
security advisorygentoobuffer overflowGentoo: GLSA-202307-21 Moderate: blktrace Buffer Overflow
A buffer overflow in blktrace might allow arbitrary code execution.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: blktrace: Buffer overflow Date: July 08, 2021 Bugs: #655146 ID: 202107-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A buffer overflow in blktrace might allow arbitrary code execution. Background ========= blktrace shows detailed information about what is happening on a block device IO queue. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-block/blktrace < 1.2.0_p20210419122502> = 1.2.0_p20210419122502 Description ========== A crafted file could cause a buffer overflow in the 'dev_map_read' function because the device and devno arrays are too small. Impact ===== A remote attacker could entice a user to open a specially crafted file using blktrace, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All blktrace users should upgrade to the latest version: # emerge --sync # emerge -a --oneshot -v "> =sys-block/blktrace-1.2.0_p20210419122502" References ========= [ 1 ] CVE-2018-10689 https://nvd.nist.gov/vuln/detail/CVE-2018-10689 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202107-15 Concerns? ======== Security isa primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Jul 07, 2021
Gentoo
100
security advisorysecurity issuebuffer overflowSUSE: 2020:2942-1 Low Severity: blktrace Buffer Overflow Fix
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for blktrace ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2942-1 Rating: low References: #1091942 Affected Products: SUSE Linux Enterprise Server 12-SP5 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: blktrace was updated to fix a security issue: - CVE-2018-10689: Prevent buffer overflow in the dev_map_read function because the device and devno arrays were too small (bsc#1091942) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2942=1 Package List: - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): blktrace-1.0.5-8.5.74 blktrace-debuginfo-1.0.5-8.5.74 blktrace-debugsource-1.0.5-8.5.74 References: https://bugzilla.suse.com/1091942 _______________________________________________ sle-security-updates mailing list
Oct 16, 2020
•Low
SuSE
98
security advisorysecurity updatecriticalRedHat: RHSA-2020-1966-01 Important: Kernel Security Update for RHEL
An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2020:1966-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1966 Issue date: 2020-04-29 CVE Names: CVE-2019-19768 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS E4S (v. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * blktrace: Protect q-> blk_trace with RCU (CVE-2019-19768) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1786164 - CVE-2019-19768 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c 6. Package List: Red Hat Enterprise Linux BaseOS E4S (v.8.0): Source: kernel-4.18.0-80.18.1.el8_0.src.rpm aarch64: bpftool-4.18.0-80.18.1.el8_0.aarch64.rpm bpftool-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-core-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-cross-headers-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-core-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-devel-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-modules-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debug-modules-extra-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-devel-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-headers-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-modules-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-modules-extra-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-tools-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-tools-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm kernel-tools-libs-4.18.0-80.18.1.el8_0.aarch64.rpm perf-4.18.0-80.18.1.el8_0.aarch64.rpm perf-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm python3-perf-4.18.0-80.18.1.el8_0.aarch64.rpm python3-perf-debuginfo-4.18.0-80.18.1.el8_0.aarch64.rpm noarch: kernel-abi-whitelists-4.18.0-80.18.1.el8_0.noarch.rpm kernel-doc-4.18.0-80.18.1.el8_0.noarch.rpm ppc64le: bpftool-4.18.0-80.18.1.el8_0.ppc64le.rpm bpftool-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-core-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-cross-headers-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-core-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-devel-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-modules-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debug-modules-extra-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-devel-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-headers-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-modules-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-modules-extra-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-tools-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-tools-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm kernel-tools-libs-4.18.0-80.18.1.el8_0.ppc64le.rpm perf-4.18.0-80.18.1.el8_0.ppc64le.rpm perf-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm python3-perf-4.18.0-80.18.1.el8_0.ppc64le.rpm python3-perf-debuginfo-4.18.0-80.18.1.el8_0.ppc64le.rpm s390x: bpftool-4.18.0-80.18.1.el8_0.s390x.rpm bpftool-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm kernel-4.18.0-80.18.1.el8_0.s390x.rpm kernel-core-4.18.0-80.18.1.el8_0.s390x.rpm kernel-cross-headers-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-core-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-devel-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-modules-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debug-modules-extra-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-80.18.1.el8_0.s390x.rpm kernel-devel-4.18.0-80.18.1.el8_0.s390x.rpm kernel-headers-4.18.0-80.18.1.el8_0.s390x.rpm kernel-modules-4.18.0-80.18.1.el8_0.s390x.rpm kernel-modules-extra-4.18.0-80.18.1.el8_0.s390x.rpm kernel-tools-4.18.0-80.18.1.el8_0.s390x.rpm kernel-tools-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-core-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-devel-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-modules-4.18.0-80.18.1.el8_0.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-80.18.1.el8_0.s390x.rpm perf-4.18.0-80.18.1.el8_0.s390x.rpm perf-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm python3-perf-4.18.0-80.18.1.el8_0.s390x.rpm python3-perf-debuginfo-4.18.0-80.18.1.el8_0.s390x.rpm x86_64: bpftool-4.18.0-80.18.1.el8_0.x86_64.rpm bpftool-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-core-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-cross-headers-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-core-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-devel-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-modules-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debug-modules-extra-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-devel-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-headers-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-modules-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-modules-extra-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-tools-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-tools-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm kernel-tools-libs-4.18.0-80.18.1.el8_0.x86_64.rpm perf-4.18.0-80.18.1.el8_0.x86_64.rpm perf-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm python3-perf-4.18.0-80.18.1.el8_0.x86_64.rpm python3-perf-debuginfo-4.18.0-80.18.1.el8_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-19768 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXqlKvtzjgjWX9erEAQg5HA//Sm0D/yzaE+PuccavXMBTyGpcNB5F4eTH ME1U2WF6CRDUC4XgZvszd/EjBYtvuick2LCeF8+mtn2+nZMusFuTJft4xKdpqB2M N4FvqAwyBL/RUI20b2U73EmhA0NQaj1RyXNm/k7UrZRCI+x3Q6ZDYTupuCoVy+0X xD/WbQAxQLOrEJlkJBaxqM6GrPd2W0aKjvJMxjrDw1MAw3cpvTmUI2g8xwUeiZ/U /0InXRqxn7BgNc9CZrzP2o/9uQVx5eZGa1d3AaKW/sLz/3xC0CETLwjHn5WGr4nC 7YkJ/xX16lptTFYcAyFAxVQyjobQm19l+Z1s1GCc+E+WJAfinBwGc6BeV3gioIUZ /B8M2OYKPBLPNpvl1S6SrF6gE/jwxpsTQC2+WhXK2/id+DkVE3WeibHUk2Ee6t4m uuK2iEV/eaWPmVjM8/EyxxsWvXl7JlGwyvHujOum0RxcICH0uqBXO/bbv4pyXPUx PgVCuKjYOdXYGljZqkBe/Pe7vEckmL0qtQLMIRpwhC7GyzpadQfV8X2HUmZGZLAj L5lB4g0988KpL/3gPAcHGqfnd10bCLrS7TBaCT2pkNT5mST0jOwGdX9GXXdr5hmS 30DvX5NAPmIf6d0UJUyvMhT+tcJ6HILiigFaSYMBPF8EKnsl+xLyEvNz5XSwO/+z aftUDvYoTaw=520z -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 29, 2020
•Important
Red Hat
200
security advisorybuffer overflowadvisoryScientific Linux: SLSA-2019-2162-1 Low Severity Blktrace Buffer Overflow
blktrace: buffer overflow in the dev_map_read function in btt/devmap.c (CVE-2018-10689) SL7 x86_64 blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm - Scientific Linux Development Team. Synopsis: Low: blktrace security update Advisory ID: SLSA-2019:2162-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-10689 -- Security Fix(es): * blktrace: buffer overflow in the dev_map_read function in btt/devmap.c (CVE-2018-10689) -- SL7 x86_64 blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm - Scientific Linux Development Team . Minor blktrace enhancement on Scientific Linux tackling buffer overflow vulnerabilities associated with advisory ID SLSA-2019:2162-1.. blktrace buffer overflow advisory Scientific Linux update. . Severity: Low. LinuxSecurity.com Team
Aug 26, 2019
•Low
Scientific Linux
98
security advisorysecurity issuebuffer overflowRed Hat Enterprise Linux 7: RHSA-2019-2162-01 Low: Blktrace Buffer Overflow
An update for blktrace is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: blktrace security update Advisory ID: RHSA-2019:2162-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2162 Issue date: 2019-08-06 CVE Names: CVE-2018-10689 ==================================================================== 1. Summary: An update for blktrace is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: The blktrace packages contain a number of utilities to record the I/O trace information for the kernel to user space, and utilities to analyze and view the trace information. Security Fix(es): * blktrace: buffer overflow in the dev_map_read function in btt/devmap.c (CVE-2018-10689) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from theReferences section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1575119 - CVE-2018-10689 blktrace: buffer overflow in the dev_map_read function in btt/devmap.c 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: blktrace-1.0.5-9.el7.src.rpm x86_64: blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: blktrace-1.0.5-9.el7.src.rpm x86_64: blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: blktrace-1.0.5-9.el7.src.rpm ppc64: blktrace-1.0.5-9.el7.ppc64.rpm blktrace-debuginfo-1.0.5-9.el7.ppc64.rpm ppc64le: blktrace-1.0.5-9.el7.ppc64le.rpm blktrace-debuginfo-1.0.5-9.el7.ppc64le.rpm s390x: blktrace-1.0.5-9.el7.s390x.rpm blktrace-debuginfo-1.0.5-9.el7.s390x.rpm x86_64: blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: blktrace-1.0.5-9.el7.src.rpm x86_64: blktrace-1.0.5-9.el7.x86_64.rpm blktrace-debuginfo-1.0.5-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-10689 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXUl3f9zjgjWX9erEAQjExQ/+LJpVwuqt2PJqCXcvvj3q8+4EEG1ApjZK yvGJTzXorS2ptTamCc5rZEUyoTBFN6lT39HO/R+VhO1d36s01kZRCnlCZQR6zDDE php8Q9+iQQhp3LwxOXxAFiFQRgUbpPqWOLSnvzKZNqyFYKqDXbHuhZbmg1O0rjLi 9CH3UuSUQkHhOQ6/5ruN3nqxWjCj9wmbH8qAg7BQqpTap/JyKlqjRPwCex0LFODB isP4VXsWy3vIBt/01K4JEOWu4woud/16xzB7rHCm5pOaj3NVsUh6rsOnlphLdVjG US2QhH9wwVz7948UvaufWTOiGPwHaaRXYh7nY5GNNKH40ZrzzLe4h+aUCM5peMGc uO6Tud9C48BQ49QMo/8cVl1pPCbAhRG2zimogr3aarUF+xTuLhy9JmJW9W2z2P+F ZzGY634zF5k++ciWAUs0WgHXApPz3hhtxicjU4qigoiGB62T1INA7Zrb/ByTa1XA YD/A7F6mk0YjCfRLUc9G1yfP7LWjdiyxuy4BBEi5/5p/06tRIdivY8EEqr+htaat y4L7Oyuk5DosnMJjPxSu5MQi5mmHCUfX3nXvZos7TjKnc5/WXkK80ZcLpAmfIcre fLw9GeBXV5aqMzypFAr2LiRm4ulrE19Cg/qOQ77dYCnCgmVZYrDvsxPwQX56ca5w QwdkhDZhS1o=csOk -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Aug 06, 2019
•Low
Red Hat
202
security advisoryupdatebuffer overflowopenSUSE: 2019:1224-1 Low: blktrace Buffer Overflow Fix
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for blktrace ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1224-1 Rating: low References: #1091942 Cross-References: CVE-2018-10689 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for blktrace fixes the following issues: - CVE-2018-10689: Prevent buffer overflow in the dev_map_read function because the device and devno arrays were too small (bsc#1091942) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1224=1 Package List: - openSUSE Leap 15.0 (x86_64): blktrace-1.1.0+git.20170126-lp150.2.3.1 blktrace-debuginfo-1.1.0+git.20170126-lp150.2.3.1 blktrace-debugsource-1.1.0+git.20170126-lp150.2.3.1 References: https://www.suse.com/security/cve/CVE-2018-10689.html https://bugzilla.suse.com/1091942 -- . The latest blktrace update for openSUSE addresses CVE-2018-10689, minimizing buffer overflow vulnerabilities. It’s advisable to install securely for enhanced system safety. openSUSE Security Patch, blktrace Update, buffer overflow Fix. . Severity: Low. LinuxSecurity.com Team
Apr 17, 2019
•Low
OpenSUSE
100
security advisorybuffer overflowsoftware updateSUSE: 2019:0919-1 Low Severity: Blktrace Buffer Overflow Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for blktrace ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:0919-1 Rating: low References: #1091942 Cross-References: CVE-2018-10689 Affected Products: SUSE Linux Enterprise Module for Development Tools 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for blktrace fixes the following issues: - CVE-2018-10689: Prevent buffer overflow in the dev_map_read function because the device and devno arrays were too small (bsc#1091942) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-919=1 Package List: - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64): blktrace-1.1.0+git.20170126-3.3.28 blktrace-debuginfo-1.1.0+git.20170126-3.3.28 blktrace-debugsource-1.1.0+git.20170126-3.3.28 References: https://www.suse.com/security/cve/CVE-2018-10689.html https://bugzilla.suse.com/1091942 _______________________________________________ sle-security-updates mailing list
Apr 09, 2019
•Low
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!