openSUSE-SU-2018:0668-1

Опубликовано: 12 мар. 2018

Источник: suse-cvrf

Описание

Security update for glibc

This update for glibc fixes the following issues:

CVE-2017-12133: Avoid use-after-free read access in clntudp_call (bsc#1081556)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.3

glibc-2.22-16.3

glibc-32bit-2.22-16.3

glibc-devel-2.22-16.3

glibc-devel-32bit-2.22-16.3

glibc-devel-static-2.22-16.3

glibc-devel-static-32bit-2.22-16.3

glibc-extra-2.22-16.3

glibc-html-2.22-16.3

glibc-i18ndata-2.22-16.3

glibc-info-2.22-16.3

glibc-locale-2.22-16.3

glibc-locale-32bit-2.22-16.3

glibc-profile-2.22-16.3

glibc-profile-32bit-2.22-16.3

glibc-testsuite-2.22-16.3

glibc-utils-2.22-16.3

glibc-utils-32bit-2.22-16.3

nscd-2.22-16.3

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00037.html
E-Mail link for openSUSE-SU-2018:0668-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.

Затронутые продукты

openSUSE Leap 42.3:glibc-2.22-16.3

openSUSE Leap 42.3:glibc-32bit-2.22-16.3

openSUSE Leap 42.3:glibc-devel-2.22-16.3

openSUSE Leap 42.3:glibc-devel-32bit-2.22-16.3

Ссылки

https://www.suse.com/security/cve/CVE-2017-12133.html
CVE-2017-12133
https://bugzilla.suse.com/1081556
SUSE Bug 1081556
https://bugzilla.suse.com/1089314
SUSE Bug 1089314
https://bugzilla.suse.com/980854
SUSE Bug 980854

openSUSE-SU-2018:0668-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-12133

Описание

Затронутые продукты

Ссылки