SUSE-SU-2019:0571-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0571-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2019:0571-1
- Related
- Published
- 2019-03-07T17:13:53Z
- Modified
- 2019-03-07T17:13:53Z
- Summary
- Security update for file
- Details
-
This update for file fixes the following issues:
The following security vulnerabilities were addressed:
- CVE-2018-10360: Fixed an out-of-bounds read in the function docorenote in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)
- CVE-2019-8905: Fixed a stack-based buffer over-read in docorenote in readelf.c (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in docorenote in readelf. c (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in docorenote in readelf.c (bsc#1126117)
- References
-
- https://www.suse.com/support/update/announcement/2019/suse-su-20190571-1/
- https://bugzilla.suse.com/1096974
- https://bugzilla.suse.com/1096984
- https://bugzilla.suse.com/1126117
- https://bugzilla.suse.com/1126118
- https://bugzilla.suse.com/1126119
- https://www.suse.com/security/cve/CVE-2018-10360
- https://www.suse.com/security/cve/CVE-2019-8905
- https://www.suse.com/security/cve/CVE-2019-8906
- https://www.suse.com/security/cve/CVE-2019-8907
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15 / file
Package
- Name
- file
- Purl
- purl:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
SUSE:Linux Enterprise Module for Basesystem 15 / python-magic
Package
- Name
- python-magic
- Purl
- purl:rpm/suse/python-magic&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015