SUSE-SU-2020:0410-1
- Source
- https://www.suse.com/support/update/announcement/2020/suse-su-20200410-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:0410-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:0410-1
- Related
- Published
- 2020-02-19T08:34:17Z
- Modified
- 2025-05-02T04:09:06.987338Z
- Upstream
- Summary
- Security update for wicked
- Details
-
This update for wicked fixes the following issues:
- CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options (bsc#1160903).
- CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option (bsc#1160904).
- CVE-2020-7216: Fixed a potential denial of service via a memory leak when processing packets with missing message type option in DHCP4 (bsc#1160905).
- CVE-2020-7217: Fixed a memory leak in DHCP4 fsm when processing packets for other client ids (bsc#1160906).
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20200410-1/
- https://bugzilla.suse.com/1160903
- https://bugzilla.suse.com/1160904
- https://bugzilla.suse.com/1160905
- https://bugzilla.suse.com/1160906
- https://www.suse.com/security/cve/CVE-2019-18902
- https://www.suse.com/security/cve/CVE-2019-18903
- https://www.suse.com/security/cve/CVE-2020-7216
- https://www.suse.com/security/cve/CVE-2020-7217