SUSE-SU-2022:3245-1

Published: 12 Sep 2022
Source: suse-cvrf

Description

Security update for libyang

This update for libyang fixes the following issues:

  • CVE-2021-28906: Fixed missing check in read_yin_leaf that can lead to DoS (bsc#1186378).
  • CVE-2021-28904: Fixed missing check in ext_get_plugin that can lead to DoS (bsc#1186376).
  • CVE-2021-28903: Fixed stack overflow in lyxml_parse_mem (bsc#1186375).
  • CVE-2021-28902: Fixed missing check in read_yin_container that can lead to DoS (bsc#1186374).

Package list

SUSE Linux Enterprise Module for Server Applications 15 SP3
  • libyang-extentions-1.0.184-150300.3.6.1
  • libyang1-1.0.184-150300.3.6.1

SUSE Linux Enterprise Module for Server Applications 15 SP4
  • libyang-extentions-1.0.184-150300.3.6.1
  • libyang1-1.0.184-150300.3.6.1

openSUSE Leap 15.3
  • libyang-cpp-devel-1.0.184-150300.3.6.1
  • libyang-cpp1-1.0.184-150300.3.6.1
  • libyang-devel-1.0.184-150300.3.6.1
  • libyang-doc-1.0.184-150300.3.6.1
  • libyang-extentions-1.0.184-150300.3.6.1
  • libyang1-1.0.184-150300.3.6.1
  • python3-yang-1.0.184-150300.3.6.1
  • yang-tools-1.0.184-150300.3.6.1

openSUSE Leap 15.4
  • libyang-cpp-devel-1.0.184-150300.3.6.1
  • libyang-cpp1-1.0.184-150300.3.6.1
  • libyang-devel-1.0.184-150300.3.6.1
  • libyang-doc-1.0.184-150300.3.6.1
  • libyang-extentions-1.0.184-150300.3.6.1
  • libyang1-1.0.184-150300.3.6.1
  • python3-yang-1.0.184-150300.3.6.1
  • yang-tools-1.0.184-150300.3.6.1

Description: CVE-2021-28902

In function read_yin_container() in libyang <= v1.0.225, the value of retval->ext[r] is not checked for NULL. In some cases it can be NULL, so the access to retval->ext[r]->flags dereferences a NULL pointer and results in a crash.


Affected products
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang1-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang1-1.0.184-150300.3.6.1

Description: CVE-2021-28903

A stack overflow in libyang <= v1.0.225 can cause a denial of service through the function lyxml_parse_mem(). The lyxml_parse_elem() function is called recursively for nested elements, which consumes stack space and leads to a crash.


Affected products
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang1-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang1-1.0.184-150300.3.6.1

Description: CVE-2021-28904

In function ext_get_plugin() in libyang <= v1.0.225, the value of revision is not checked for NULL. If revision is NULL, the call strcmp(revision, ext_plugins[u].revision) dereferences a NULL pointer and leads to a crash.


Affected products
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang1-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang1-1.0.184-150300.3.6.1

Description: CVE-2021-28906

In function read_yin_leaf() in libyang <= v1.0.225, the value of retval->ext[r] is not checked for NULL. In some cases it can be NULL, so the access to retval->ext[r]->flags dereferences a NULL pointer and results in a crash.


Affected products
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libyang1-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang-extentions-1.0.184-150300.3.6.1
SUSE Linux Enterprise Module for Server Applications 15 SP4:libyang1-1.0.184-150300.3.6.1