Описание
Security update for dhcpcd
dhcpcd was updated to fix three security issues.
These security issues were fixed:
- CVE-2012-6698: A potential out of bounds write was fixed, which could lead to memory corruption, triggerable by network local attackers.
- CVE-2012-6699: A loop error was fixed that could lead out of bound reads, triggerable by network local attackers.
- CVE-2012-6700: An incorrect free could lead to crashes, triggerable by network local attackers.
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Desktop 11 SP4
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP2-LTSS
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP3
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP3-TERADATA
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP4
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3
dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4
dhcpcd-3.2.3-45.5.3
Ссылки
- Link for SUSE-SU-2015:2174-1
- E-Mail link for SUSE-SU-2015:2174-1
- SUSE Security Ratings
- SUSE Bug 955762
- SUSE CVE CVE-2012-6698 page
- SUSE CVE CVE-2012-6699 page
- SUSE CVE CVE-2012-6700 page
Описание
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds write) via a crafted response.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Desktop 11 SP4:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP3-TERADATA:dhcpcd-3.2.3-45.5.3
Ссылки
- CVE-2012-6698
- SUSE Bug 955762
Описание
The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial of service (out-of-bounds read) via a crafted response.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Desktop 11 SP4:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP3-TERADATA:dhcpcd-3.2.3-45.5.3
Ссылки
- CVE-2012-6699
- SUSE Bug 955762
Описание
The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which allows remote DHCP servers to cause a denial of service via a crafted response.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Desktop 11 SP4:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP2-LTSS:dhcpcd-3.2.3-45.5.3
SUSE Linux Enterprise Server 11 SP3-TERADATA:dhcpcd-3.2.3-45.5.3
Ссылки
- CVE-2012-6700
- SUSE Bug 955762