Описание
Security update for mgetty
This update for mgetty fixes the following issues:
- CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan() (bsc#1142770).
Список пакетов
SUSE Linux Enterprise Server 12 SP4
g3utils-1.1.36-58.9.2
mgetty-1.1.36-58.9.2
SUSE Linux Enterprise Server 12 SP5
g3utils-1.1.36-58.9.2
mgetty-1.1.36-58.9.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
g3utils-1.1.36-58.9.2
mgetty-1.1.36-58.9.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
g3utils-1.1.36-58.9.2
mgetty-1.1.36-58.9.2
Ссылки
- Link for SUSE-SU-2020:0853-1
- E-Mail link for SUSE-SU-2020:0853-1
- SUSE Security Ratings
- SUSE Bug 1142770
- SUSE CVE CVE-2019-1010190 page
Описание
mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:g3utils-1.1.36-58.9.2
SUSE Linux Enterprise Server 12 SP4:mgetty-1.1.36-58.9.2
SUSE Linux Enterprise Server 12 SP5:g3utils-1.1.36-58.9.2
SUSE Linux Enterprise Server 12 SP5:mgetty-1.1.36-58.9.2
Ссылки
- CVE-2019-1010190
- SUSE Bug 1142770