Описание
Security update for udisks2
This update for udisks2 fixes the following issues:
Following security issues was fixed:
- CVE-2018-17336: A format string vulnerability in udisks_log (bsc#1109406)
Following non-security issues were fixed:
- strip trailing newline from sysfs raid level information (bsc#1091274)
- Fix watcher error for non-redundant raid devices. (bsc#1091274)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
libudisks2-0-2.6.5-3.7.2
typelib-1_0-UDisks-2_0-2.6.5-3.7.2
udisks2-2.6.5-3.7.2
udisks2-devel-2.6.5-3.7.2
udisks2-lang-2.6.5-3.7.2
Ссылки
- Link for SUSE-SU-2018:3278-1
- E-Mail link for SUSE-SU-2018:3278-1
- SUSE Security Ratings
- SUSE Bug 1091274
- SUSE Bug 1109406
- SUSE CVE CVE-2018-17336 page
Описание
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:libudisks2-0-2.6.5-3.7.2
SUSE Linux Enterprise Module for Basesystem 15:typelib-1_0-UDisks-2_0-2.6.5-3.7.2
SUSE Linux Enterprise Module for Basesystem 15:udisks2-2.6.5-3.7.2
SUSE Linux Enterprise Module for Basesystem 15:udisks2-devel-2.6.5-3.7.2
Ссылки
- CVE-2018-17336
- SUSE Bug 1109406