|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-1: CVE-2017-11358: sox: The read_samples function in hcom.c allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file. | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Karol Babioch <karol> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P4 - Low | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | CVSSv3:SUSE:CVE-2017-11358:5.5:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) maint:planned:update | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Karol Babioch
2018-02-15 10:19:53 UTC
This is an autogenerated message for OBS integration: This bug (1081141) was mentioned in https://build.opensuse.org/request/show/576953 42.3 / sox openSUSE-SU-2018:0489-1: An update that fixes 8 vulnerabilities is now available. Category: security (moderate) Bug References: 1063439,1063450,1063456,1064576,1081140,1081141,1081142,1081146 CVE References: CVE-2017-11332,CVE-2017-11358,CVE-2017-11359,CVE-2017-15370,CVE-2017-15371,CVE-2017-15372,CVE-2017-15642,CVE-2017-18189 Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): sox-14.4.2-5.1 openSUSE-SU-2018:0493-1: An update that fixes 8 vulnerabilities is now available. Category: security (moderate) Bug References: 1063439,1063450,1063456,1064576,1081140,1081141,1081142,1081146 CVE References: CVE-2017-11332,CVE-2017-11358,CVE-2017-11359,CVE-2017-15370,CVE-2017-15371,CVE-2017-15372,CVE-2017-15642,CVE-2017-18189 Sources used: openSUSE Leap 42.3 (src): sox-14.4.2-5.3.1 released |