Описание
Security update for hivex
This update fixes the following security issue:
- CVE-2014-9273: Possible DOS because of missing size checks (bnc#908614)
Список пакетов
SUSE Linux Enterprise Server 12
libhivex0-1.3.10-4.1
perl-Win-Hivex-1.3.10-4.1
SUSE Linux Enterprise Server for SAP Applications 12
libhivex0-1.3.10-4.1
perl-Win-Hivex-1.3.10-4.1
SUSE Linux Enterprise Software Development Kit 12
hivex-devel-1.3.10-4.1
Ссылки
- Link for SUSE-SU-2015:0320-1
- E-Mail link for SUSE-SU-2015:0320-1
- SUSE Security Ratings
- SUSE Bug 908614
- SUSE CVE CVE-2014-9273 page
Описание
lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
Затронутые продукты
SUSE Linux Enterprise Server 12:libhivex0-1.3.10-4.1
SUSE Linux Enterprise Server 12:perl-Win-Hivex-1.3.10-4.1
SUSE Linux Enterprise Server for SAP Applications 12:libhivex0-1.3.10-4.1
SUSE Linux Enterprise Server for SAP Applications 12:perl-Win-Hivex-1.3.10-4.1
Ссылки
- CVE-2014-9273
- SUSE Bug 908614