|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-1: CVE-2017-9041: binutils: readelf-heapoverflow2-byte_get_little_endian | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Mikhail Kasimov <mikhail.kasimov> |
| Component: | Incidents | Assignee: | Michael Matz <matz> |
| Status: | NEW --- | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P4 - Low | CC: | meissner, wolfgang.frisch |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/185115/ | ||
| Whiteboard: | CVSSv2:SUSE:CVE-2017-9040:2.6:(AV:N/AC:H/Au:N/C:N/I:N/A:P) CVSSv2:SUSE:CVE-2017-9041:2.6:(AV:N/AC:H/Au:N/C:N/I:N/A:P) CVSSv3:SUSE:CVE-2017-9040:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) CVSSv3:SUSE:CVE-2017-9041:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: | binutils-readelf-heapoverflow2-byte_get_little_endian_reproducer | ||
|
Description
Mikhail Kasimov
2017-05-12 13:28:24 UTC
SUSE-SU-2017:3170-1: An update that solves 57 vulnerabilities and has 18 fixes is now available. Category: security (moderate) Bug References: 1003846,1025282,1029907,1029908,1029909,1029995,1030296,1030297,1030298,1030583,1030584,1030585,1030588,1030589,1031590,1031593,1031595,1031638,1031644,1031656,1033122,1037052,1037057,1037061,1037062,1037066,1037070,1037072,1037273,1038874,1038875,1038876,1038877,1038878,1038880,1038881,1044891,1044897,1044901,1044909,1044925,1044927,1046094,1052061,1052496,1052503,1052507,1052509,1052511,1052514,1052518,1053347,1056312,1056437,1057139,1057144,1057149,1058480,1059050,1060599,1060621,1061241,437293,445037,546106,561142,578249,590820,691290,698346,713504,776968,863764,938658,970239 CVE References: CVE-2014-9939,CVE-2017-12448,CVE-2017-12450,CVE-2017-12452,CVE-2017-12453,CVE-2017-12454,CVE-2017-12456,CVE-2017-12799,CVE-2017-13757,CVE-2017-14128,CVE-2017-14129,CVE-2017-14130,CVE-2017-14333,CVE-2017-14529,CVE-2017-14729,CVE-2017-14745,CVE-2017-14974,CVE-2017-6965,CVE-2017-6966,CVE-2017-6969,CVE-2017-7209,CVE-2017-7210,CVE-2017-7223,CVE-2017-7224,CVE-2017-7225,CVE-2017-7226,CVE-2017-7227,CVE-2017-7299,CVE-2017-7300,CVE-2017-7301,CVE-2017-7302,CVE-2017-7303,CVE-2017-7304,CVE-2017-7614,CVE-2017-8392,CVE-2017-8393,CVE-2017-8394,CVE-2017-8395,CVE-2017-8396,CVE-2017-8397,CVE-2017-8398,CVE-2017-8421,CVE-2017-9038,CVE-2017-9039,CVE-2017-9040,CVE-2017-9041,CVE-2017-9042,CVE-2017-9043,CVE-2017-9044,CVE-2017-9746,CVE-2017-9747,CVE-2017-9748,CVE-2017-9750,CVE-2017-9755,CVE-2017-9756,CVE-2017-9954,CVE-2017-9955 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP3 (src): binutils-2.29.1-9.20.2, cross-ppc-binutils-2.29.1-9.20.2, cross-spu-binutils-2.29.1-9.20.2 SUSE Linux Enterprise Software Development Kit 12-SP2 (src): binutils-2.29.1-9.20.2, cross-ppc-binutils-2.29.1-9.20.2, cross-spu-binutils-2.29.1-9.20.2 SUSE Linux Enterprise Server for SAP 12-SP1 (src): binutils-2.29.1-9.20.2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): binutils-2.29.1-9.20.2 SUSE Linux Enterprise Server 12-SP3 (src): binutils-2.29.1-9.20.2 SUSE Linux Enterprise Server 12-SP2 (src): binutils-2.29.1-9.20.2 SUSE Linux Enterprise Desktop 12-SP3 (src): binutils-2.29.1-9.20.2 SUSE Linux Enterprise Desktop 12-SP2 (src): binutils-2.29.1-9.20.2 OpenStack Cloud Magnum Orchestration 7 (src): binutils-2.29.1-9.20.2 openSUSE-SU-2017:3199-1: An update that solves 57 vulnerabilities and has 18 fixes is now available. Category: security (moderate) Bug References: 1003846,1025282,1029907,1029908,1029909,1029995,1030296,1030297,1030298,1030583,1030584,1030585,1030588,1030589,1031590,1031593,1031595,1031638,1031644,1031656,1033122,1037052,1037057,1037061,1037062,1037066,1037070,1037072,1037273,1038874,1038875,1038876,1038877,1038878,1038880,1038881,1044891,1044897,1044901,1044909,1044925,1044927,1046094,1052061,1052496,1052503,1052507,1052509,1052511,1052514,1052518,1053347,1056312,1056437,1057139,1057144,1057149,1058480,1059050,1060599,1060621,1061241,437293,445037,546106,561142,578249,590820,691290,698346,713504,776968,863764,938658,970239 CVE References: CVE-2014-9939,CVE-2017-12448,CVE-2017-12450,CVE-2017-12452,CVE-2017-12453,CVE-2017-12454,CVE-2017-12456,CVE-2017-12799,CVE-2017-13757,CVE-2017-14128,CVE-2017-14129,CVE-2017-14130,CVE-2017-14333,CVE-2017-14529,CVE-2017-14729,CVE-2017-14745,CVE-2017-14974,CVE-2017-6965,CVE-2017-6966,CVE-2017-6969,CVE-2017-7209,CVE-2017-7210,CVE-2017-7223,CVE-2017-7224,CVE-2017-7225,CVE-2017-7226,CVE-2017-7227,CVE-2017-7299,CVE-2017-7300,CVE-2017-7301,CVE-2017-7302,CVE-2017-7303,CVE-2017-7304,CVE-2017-7614,CVE-2017-8392,CVE-2017-8393,CVE-2017-8394,CVE-2017-8395,CVE-2017-8396,CVE-2017-8397,CVE-2017-8398,CVE-2017-8421,CVE-2017-9038,CVE-2017-9039,CVE-2017-9040,CVE-2017-9041,CVE-2017-9042,CVE-2017-9043,CVE-2017-9044,CVE-2017-9746,CVE-2017-9747,CVE-2017-9748,CVE-2017-9750,CVE-2017-9755,CVE-2017-9756,CVE-2017-9954,CVE-2017-9955 Sources used: openSUSE Leap 42.3 (src): binutils-2.29.1-13.1, cross-aarch64-binutils-2.29.1-13.1, cross-arm-binutils-2.29.1-13.1, cross-avr-binutils-2.29.1-13.1, cross-hppa-binutils-2.29.1-13.1, cross-hppa64-binutils-2.29.1-13.1, cross-i386-binutils-2.29.1-13.1, cross-ia64-binutils-2.29.1-13.1, cross-m68k-binutils-2.29.1-13.1, cross-mips-binutils-2.29.1-13.1, cross-ppc-binutils-2.29.1-13.1, cross-ppc64-binutils-2.29.1-13.1, cross-ppc64le-binutils-2.29.1-13.1, cross-s390-binutils-2.29.1-13.1, cross-s390x-binutils-2.29.1-13.1, cross-sparc-binutils-2.29.1-13.1, cross-sparc64-binutils-2.29.1-13.1, cross-spu-binutils-2.29.1-13.1, cross-x86_64-binutils-2.29.1-13.1 openSUSE Leap 42.2 (src): binutils-2.29.1-9.6.1, cross-aarch64-binutils-2.29.1-9.6.1, cross-arm-binutils-2.29.1-9.6.1, cross-avr-binutils-2.29.1-9.6.1, cross-hppa-binutils-2.29.1-9.6.1, cross-hppa64-binutils-2.29.1-9.6.1, cross-i386-binutils-2.29.1-9.6.1, cross-ia64-binutils-2.29.1-9.6.1, cross-m68k-binutils-2.29.1-9.6.1, cross-mips-binutils-2.29.1-9.6.1, cross-ppc-binutils-2.29.1-9.6.1, cross-ppc64-binutils-2.29.1-9.6.1, cross-ppc64le-binutils-2.29.1-9.6.1, cross-s390-binutils-2.29.1-9.6.1, cross-s390x-binutils-2.29.1-9.6.1, cross-sparc-binutils-2.29.1-9.6.1, cross-sparc64-binutils-2.29.1-9.6.1, cross-spu-binutils-2.29.1-9.6.1, cross-x86_64-binutils-2.29.1-9.6.1 |