Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:0966-1

Опубликовано: 21 мар. 2024
Источник: suse-cvrf

Описание

Security update for PackageKit

This update for PackageKit fixes the following issues:

  • CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544).

Список пакетов

SUSE Linux Enterprise Server 12 SP5
PackageKit-1.1.3-24.18.1
PackageKit-backend-zypp-1.1.3-24.18.1
PackageKit-lang-1.1.3-24.18.1
libpackagekit-glib2-18-1.1.3-24.18.1
typelib-1_0-PackageKitGlib-1_0-1.1.3-24.18.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
PackageKit-1.1.3-24.18.1
PackageKit-backend-zypp-1.1.3-24.18.1
PackageKit-lang-1.1.3-24.18.1
libpackagekit-glib2-18-1.1.3-24.18.1
typelib-1_0-PackageKitGlib-1_0-1.1.3-24.18.1
SUSE Linux Enterprise Software Development Kit 12 SP5
PackageKit-devel-1.1.3-24.18.1
libpackagekit-glib2-devel-1.1.3-24.18.1
SUSE Linux Enterprise Workstation Extension 12 SP5
PackageKit-gstreamer-plugin-1.1.3-24.18.1
PackageKit-gtk3-module-1.1.3-24.18.1

Ссылки

Описание

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:PackageKit-1.1.3-24.18.1
SUSE Linux Enterprise Server 12 SP5:PackageKit-backend-zypp-1.1.3-24.18.1
SUSE Linux Enterprise Server 12 SP5:PackageKit-lang-1.1.3-24.18.1
SUSE Linux Enterprise Server 12 SP5:libpackagekit-glib2-18-1.1.3-24.18.1
Ссылки