Описание
Security update for zeromq
This update for zeromq fixes the following issues:
Security issue fixed:
- CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow (bsc#1121717)
Список пакетов
Container containers/lmcache-vllm-openai:0
libzmq5-4.2.3-3.3.2
Container containers/open-webui:0
libzmq5-4.2.3-3.3.2
Container containers/vllm-openai:0
libzmq5-4.2.3-3.3.2
Container suse/manager/4.3/proxy-salt-broker:latest
libzmq5-4.2.3-3.3.2
Container suse/manager/5.0/x86_64/proxy-salt-broker:latest
libzmq5-4.2.3-3.3.2
Container suse/manager/5.0/x86_64/server:latest
libzmq5-4.2.3-3.3.2
Container suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker:latest
libzmq5-4.2.3-3.3.2
Container suse/multi-linux-manager/5.1/x86_64/server:latest
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-HPC-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-HPC-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-Micro-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-SAP-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libzmq5-4.2.3-3.3.2
Image SLES15-SP3-SAP-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-HPC-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Hardened-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-3-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-Micro-5-4-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-Hardened-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-HPC-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-HPC-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-HPC-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-HPC-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-HPC-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-Micro-5-5-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP5-SAP-Hardened-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-HPC-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-Hardened-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-Hardened-BYOS
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP6-SAP-Hardened-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-HPC-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-HPC-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-HPC-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-Hardened-BYOS-Azure
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-Hardened-BYOS-EC2
libzmq5-4.2.3-3.3.2
Image SLES15-SP7-SAP-Hardened-BYOS-GCE
libzmq5-4.2.3-3.3.2
Image ai_15_6
libzmq5-4.2.3-3.3.2
Image proxy-salt-broker-image
libzmq5-4.2.3-3.3.2
Image server-image
libzmq5-4.2.3-3.3.2
SUSE Linux Enterprise Module for Basesystem 15
libzmq5-4.2.3-3.3.2
zeromq-devel-4.2.3-3.3.2
Ссылки
- Link for SUSE-SU-2019:0110-1
- E-Mail link for SUSE-SU-2019:0110-1
- SUSE Security Ratings
- SUSE Bug 1121717
- SUSE CVE CVE-2019-6250 page
Описание
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control).
Затронутые продукты
Container containers/lmcache-vllm-openai:0:libzmq5-4.2.3-3.3.2
Container containers/open-webui:0:libzmq5-4.2.3-3.3.2
Container containers/vllm-openai:0:libzmq5-4.2.3-3.3.2
Container suse/manager/4.3/proxy-salt-broker:latest:libzmq5-4.2.3-3.3.2
Ссылки
- CVE-2019-6250
- SUSE Bug 1121717
- SUSE Bug 1122012