Описание
Security update for unixODBC
This update for unixODBC fixes the following issues:
- CVE-2024-1013: Fixed out of bounds stack write due to pointer-to-integer types conversion on 64-bit architectures (bsc#1228143)
Список пакетов
SUSE Linux Enterprise Server 12 SP5
libodbc2-2.3.9-7.16.1
libodbc2-32bit-2.3.9-7.16.1
unixODBC-2.3.9-7.16.1
unixODBC-32bit-2.3.9-7.16.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libodbc2-2.3.9-7.16.1
libodbc2-32bit-2.3.9-7.16.1
unixODBC-2.3.9-7.16.1
unixODBC-32bit-2.3.9-7.16.1
SUSE Linux Enterprise Software Development Kit 12 SP5
unixODBC-devel-2.3.9-7.16.1
Ссылки
- Link for SUSE-SU-2024:2978-1
- E-Mail link for SUSE-SU-2024:2978-1
- SUSE Security Ratings
- SUSE Bug 1228143
- SUSE CVE CVE-2024-1013 page
Описание
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libodbc2-2.3.9-7.16.1
SUSE Linux Enterprise Server 12 SP5:libodbc2-32bit-2.3.9-7.16.1
SUSE Linux Enterprise Server 12 SP5:unixODBC-2.3.9-7.16.1
SUSE Linux Enterprise Server 12 SP5:unixODBC-32bit-2.3.9-7.16.1
Ссылки
- CVE-2024-1013
- SUSE Bug 1228143