OpenSUSE Linux update for libcdio



Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2017-18199
CVE-2017-18201
CWE-ID CWE-476
CWE-415
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Opensuse
Operating systems & Components / Operating system

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) NULL pointer dereference

EUVDB-ID: #VU10796

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-18199

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the realloc_symlink function due to improper handling of crafted ISO image files. A remote attacker can create a specially crafted ISO image file, trick the victim into opening it and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 15.0

CPE2.3 External links

https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00040.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Double free

EUVDB-ID: #VU11166

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-18201

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the get_cdtext_generic() function due to double free. A local attacker can send specially crafted input, trigger memory corruption and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

Opensuse: 15.0

CPE2.3 External links

https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00040.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###