OpenSUSE Linux update for SDL2

Published: 2018-03-18

Risk	High
Patch available	YES
Number of vulnerabilities	7
CVE-ID	CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14449 CVE-2017-14450
CWE-ID	CWE-122 CWE-121 CWE-190 CWE-415 CWE-120
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	openSUSE Leap Operating systems & Components / Operating system package or component
Vendor	SDB

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU11244

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-12122

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the ILBM image rendering functionality due to heap-based buffer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stack-based buffer overflow

EUVDB-ID: #VU11245

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14440

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the ILBM image rendering functionality due to stack-based buffer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Integer overflow

EUVDB-ID: #VU11246

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14441

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the ICO image rendering functionality due to integer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Stack-based buffer overflow

EUVDB-ID: #VU11247

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14442

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the BMP image rendering functionality due to stack-based buffer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Heap-based buffer overflow

EUVDB-ID: #VU11248

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14448

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the XCF image rendering functionality due to heap-based buffer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Double free

EUVDB-ID: #VU11249

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14449

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the XCF image rendering functionality due to double free. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

EUVDB-ID: #VU11250

Risk: Low

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14450

CWE-ID: CWE-120 - Buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the GIF image parsing functionality due to buffer overflow. A remote attacker can send a specially crafted image, trick the victim into opening it and execute arbitrary code.

Mitigation

Update the affected packages.

Vulnerable software versions

openSUSE Leap: 42.3

CPE2.3

cpe:2.3:o:sdb:opensuse_leap:42.3:*:*:*:*:*:*:*

External links

http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00047.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.