Описание
Security update for libplist
This update for libplist fixes the following issues:
- CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data (bsc#1019531).
- CVE-2017-5545: The main function in plistutil.c in libimobiledevice libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short. (bsc#1021610).
- CVE-2017-5836: A type inconsistency in bplist.c was fixed. (bsc#1023807)
- CVE-2017-5835: A memory allocation error leading to DoS was fixed. (bsc#1023822)
- CVE-2017-5834: A heap-buffer overflow in parse_dict_node was fixed. (bsc#1023848)
- CVE-2017-6440: Ensure that sanity checks work on 32-bit platforms. (bsc#1029631)
- CVE-2017-7982: Add some safety checks, backported from upstream (bsc#1035312).
- CVE-2017-5836: A maliciously crafted file could cause the application to crash. (bsc#1023807).
- CVE-2017-5835: Malicious crafted file could cause libplist to allocate large amounts of memory and consume lots of CPU (bsc#1023822)
- CVE-2017-5834: Maliciou crafted file could cause a heap buffer overflow or segmentation fault (bsc#1023848)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
Ссылки
- E-Mail link for openSUSE-SU-2017:1426-1
- SUSE Security Ratings
Описание
The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.
Затронутые продукты
Ссылки
- CVE-2017-5209
- SUSE Bug 1019531
- SUSE Bug 1021610
Описание
The main function in plistutil.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.
Затронутые продукты
Ссылки
- CVE-2017-5545
- SUSE Bug 1021610
Описание
The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2017-5834
- SUSE Bug 1023848
Описание
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
Затронутые продукты
Ссылки
- CVE-2017-5835
- SUSE Bug 1023822
Описание
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.
Затронутые продукты
Ссылки
- CVE-2017-5836
- SUSE Bug 1023807
- SUSE Bug 1023848
Описание
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
Затронутые продукты
Ссылки
- CVE-2017-6440
- SUSE Bug 1029631
- SUSE Bug 1029706
Описание
Integer overflow in the plist_from_bin function in bplist.c in libimobiledevice/libplist before 2017-04-19 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.
Затронутые продукты
Ссылки
- CVE-2017-7982
- SUSE Bug 1035312