SUSE-SU-2024:1805-1

Опубликовано: 28 мая 2024

Источник: suse-cvrf

Описание

Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issues:

CVE-2024-2961: Fixed that the iconv() function in the GNU C Library may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set (bsc#1223019).

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

glibc-livepatches-0.1-150400.3.3.1

SUSE Linux Enterprise Live Patching 15 SP5

glibc-livepatches-0.1-150400.3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241805-1/
Link for SUSE-SU-2024:1805-1
https://lists.suse.com/pipermail/sle-security-updates/2024-May/018610.html
E-Mail link for SUSE-SU-2024:1805-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1223019
SUSE Bug 1223019
https://www.suse.com/security/cve/CVE-2024-2961/
SUSE CVE CVE-2024-2961 page

Описание

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

Затронутые продукты

SUSE Linux Enterprise Live Patching 15 SP4:glibc-livepatches-0.1-150400.3.3.1

SUSE Linux Enterprise Live Patching 15 SP5:glibc-livepatches-0.1-150400.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-2961.html
CVE-2024-2961
https://bugzilla.suse.com/1222992
SUSE Bug 1222992
https://bugzilla.suse.com/1223019
SUSE Bug 1223019

SUSE-SU-2024:1805-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 15 SP4

SUSE Linux Enterprise Live Patching 15 SP5

Ссылки

Уязвимость: CVE-2024-2961

Описание

Затронутые продукты

Ссылки