Описание
Security update for libcdio
This update for libcdio and libcdio-mini fixes the following issues:
Security issue fixed:
- CVE-2017-18199: Fixed a NULL Pointer Dereference in realloc_symlink which could allow remote attackers to cause Denial of Service (bsc#1082821).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
libcdio7-0.80-8.3.5
libcdio_cdda0-0.80-8.3.5
libcdio_paranoia0-0.80-8.3.5
Ссылки
- Link for SUSE-SU-2020:14498-1
- E-Mail link for SUSE-SU-2020:14498-1
- SUSE Security Ratings
- SUSE Bug 1082821
- SUSE CVE CVE-2017-18199 page
Описание
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libcdio7-0.80-8.3.5
SUSE Linux Enterprise Point of Sale 11 SP3:libcdio_cdda0-0.80-8.3.5
SUSE Linux Enterprise Point of Sale 11 SP3:libcdio_paranoia0-0.80-8.3.5
Ссылки
- CVE-2017-18199
- SUSE Bug 1082821