Описание
Security update for libpcap
This update for libpcap fixes the following issues:
- CVE-2019-15165: Added sanity checks for PHB header length before allocating memory (bsc#1153332).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).
Список пакетов
Container suse/sle-micro/5.0/toolbox:latest
libpcap1-1.8.1-4.3.1
Container suse/sles/15.2/virt-launcher:0.38.1
libpcap1-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15
libpcap-devel-1.8.1-4.3.1
libpcap1-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libpcap-devel-1.8.1-4.3.1
libpcap1-1.8.1-4.3.1
Ссылки
- Link for SUSE-SU-2019:2673-1
- E-Mail link for SUSE-SU-2019:2673-1
- SUSE Security Ratings
- SUSE Bug 1153332
- SUSE CVE CVE-2018-16301 page
- SUSE CVE CVE-2019-15165 page
Описание
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Затронутые продукты
Container suse/sle-micro/5.0/toolbox:latest:libpcap1-1.8.1-4.3.1
Container suse/sles/15.2/virt-launcher:0.38.1:libpcap1-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:libpcap-devel-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:libpcap1-1.8.1-4.3.1
Ссылки
- CVE-2018-16301
- SUSE Bug 1153098
- SUSE Bug 1153332
- SUSE Bug 1195825
Описание
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
Затронутые продукты
Container suse/sle-micro/5.0/toolbox:latest:libpcap1-1.8.1-4.3.1
Container suse/sles/15.2/virt-launcher:0.38.1:libpcap1-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:libpcap-devel-1.8.1-4.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP1:libpcap1-1.8.1-4.3.1
Ссылки
- CVE-2019-15165
- SUSE Bug 1153332