SUSE-SU-2022:2666-1

Опубликовано: 04 авг. 2022

Источник: suse-cvrf

Описание

Security update for u-boot

This update for u-boot fixes the following issues:

CVE-2022-34835: Fixed stack buffer overflow vulnerability in i2c md command (bsc#1201214).

Список пакетов

SUSE Linux Enterprise Server 12 SP5

u-boot-rpi3-2019.01-5.11.1

u-boot-tools-2019.01-5.11.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

u-boot-rpi3-2019.01-5.11.1

u-boot-tools-2019.01-5.11.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222666-1/
Link for SUSE-SU-2022:2666-1
https://lists.suse.com/pipermail/sle-security-updates/2022-August/011799.html
E-Mail link for SUSE-SU-2022:2666-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1201214
SUSE Bug 1201214
https://www.suse.com/security/cve/CVE-2022-34835/
SUSE CVE CVE-2022-34835 page

Описание

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP5:u-boot-rpi3-2019.01-5.11.1

SUSE Linux Enterprise Server 12 SP5:u-boot-tools-2019.01-5.11.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5:u-boot-rpi3-2019.01-5.11.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5:u-boot-tools-2019.01-5.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-34835.html
CVE-2022-34835
https://bugzilla.suse.com/1201214
SUSE Bug 1201214

SUSE-SU-2022:2666-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

Ссылки

Уязвимость: CVE-2022-34835

Описание

Затронутые продукты

Ссылки