Описание
Security update for libplist
This update for libplist fixes the following issues:
- CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data (bsc#1019531).
- CVE-2017-5545: The main function in plistutil.c in libimobiledevice libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. (bsc#1021610).
- CVE-2017-5836: A type inconsistency in bplist.c was fixed. (bsc#1023807)
- CVE-2017-5835: A memory allocation error leading to DoS was fixed. (bsc#1023822)
- CVE-2017-5834: A heap-buffer overflow in parse_dict_node was fixed. (bsc#1023848)
- CVE-2017-6440: Ensure that sanity checks work on 32-bit platforms. (bsc#1029631)
- CVE-2017-7982: Add some safety checks, backported from upstream (bsc#1035312).
- CVE-2017-5836: A maliciously crafted file could cause the application to crash. (bsc#1023807).
- CVE-2017-5835: Malicious crafted file could cause libplist to allocate large amounts of memory and consume lots of CPU (bsc#1023822)
- CVE-2017-5834: Maliciou crafted file could cause a heap buffer overflow or segmentation fault (bsc#1023848)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP2
Ссылки
- Link for SUSE-SU-2017:1379-1
- E-Mail link for SUSE-SU-2017:1379-1
- SUSE Security Ratings
- SUSE Bug 1019531
- SUSE Bug 1021610
- SUSE Bug 1023807
- SUSE Bug 1023822
- SUSE Bug 1023848
- SUSE Bug 1029631
- SUSE Bug 1035312
- SUSE CVE CVE-2017-5209 page
- SUSE CVE CVE-2017-5545 page
- SUSE CVE CVE-2017-5834 page
- SUSE CVE CVE-2017-5835 page
- SUSE CVE CVE-2017-5836 page
- SUSE CVE CVE-2017-6440 page
- SUSE CVE CVE-2017-7982 page
Описание
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
Затронутые продукты
Ссылки
- CVE-2017-5209
- SUSE Bug 1019531
- SUSE Bug 1021610
Описание
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Затронутые продукты
Ссылки
- CVE-2017-5545
- SUSE Bug 1021610
Описание
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2017-5834
- SUSE Bug 1023848
Описание
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Затронутые продукты
Ссылки
- CVE-2017-5835
- SUSE Bug 1023822
Описание
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Затронутые продукты
Ссылки
- CVE-2017-5836
- SUSE Bug 1023807
- SUSE Bug 1023848
Описание
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Затронутые продукты
Ссылки
- CVE-2017-6440
- SUSE Bug 1029631
- SUSE Bug 1029706
Описание
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
Затронутые продукты
Ссылки
- CVE-2017-7982
- SUSE Bug 1035312