Описание
Security update for aide
This update for aide fixes the following issues:
- CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735)
Список пакетов
HPE Helion OpenStack 8
aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP2-BCL
aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP3-BCL
aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP3-LTSS
aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP4-LTSS
aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP5
aide-0.16-20.15.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
aide-0.16-20.15.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
aide-0.16-20.15.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
aide-0.16-20.15.1
SUSE OpenStack Cloud 8
aide-0.16-20.15.1
SUSE OpenStack Cloud 9
aide-0.16-20.15.1
SUSE OpenStack Cloud Crowbar 8
aide-0.16-20.15.1
SUSE OpenStack Cloud Crowbar 9
aide-0.16-20.15.1
Ссылки
- Link for SUSE-SU-2022:0145-1
- E-Mail link for SUSE-SU-2022:0145-1
- SUSE Security Ratings
- SUSE Bug 1194735
- SUSE CVE CVE-2021-45417 page
Описание
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
Затронутые продукты
HPE Helion OpenStack 8:aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP2-BCL:aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP3-BCL:aide-0.16-20.15.1
SUSE Linux Enterprise Server 12 SP3-LTSS:aide-0.16-20.15.1
Ссылки
- CVE-2021-45417
- SUSE Bug 1194735
- SUSE Bug 1196390
- SUSE Bug 1225074