Risk | High |
Patch available | YES |
Number of vulnerabilities | 19 |
CVE-ID | CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 |
CWE-ID | CWE-122 CWE-119 CWE-125 CWE-415 CWE-20 CWE-476 CWE-369 CWE-400 |
Exploitation vector | Network |
Public exploit | Public exploit code is available for vulnerabilities #1, #2, #3, #4, #5, #6, #7, #11, #12, #13, #14, #15, #16, #17, #18 and #19. |
Vulnerable software |
Operating systems & Components / Operating system: SUSE Linux Enterprise Storage, SUSE Manager Retail Branch Server, SUSE Linux Enterprise Micro, SUSE Linux Enterprise Desktop, openSUSE Leap, SUSE Manager Server, SUSE Manager Proxy, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Server, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, elfutils-lang
Operating systems & Components / Operating system package or component: libelf1-32bit-debuginfo, libelf1-32bit, libelf-devel-32bit, libebl-plugins-32bit-debuginfo, libebl-plugins-32bit, libdwarves1-32bit-debuginfo, libdwarves1-32bit, libdwarves-devel-32bit, libdw1-32bit-debuginfo, libdw1-32bit, libasm1-32bit-debuginfo, libasm1-32bit, libelf1-debuginfo, libelf1, libelf-devel, libebl-plugins-debuginfo, libebl-plugins, libebl-devel, libdwarves1-debuginfo, libdwarves1, libdwarves-devel, libdw1-debuginfo, libdw1, libdw-devel, libasm1-debuginfo, libasm1, libasm-devel, elfutils-debugsource, elfutils-debuginfo, elfutils, dwarves-debugsource, dwarves-debuginfo, dwarves |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 19 vulnerabilities.
EUVDB-ID: #VU13240
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7607
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the handle_gnu_hash function of elfutils, defined in the readelf.c source code file, due to a heap-based buffer overflow when the function handles Executable and Linkable Format (ELF) files. A remote attacker can trick the victim into opening an ELF file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13239
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7608
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the ebl_object_note_type_name function of elfutils, defined in the eblobjnotetypename.c source code file, due to a heap-based buffer overflow when the function handles Executable and Linkable Format (ELF) files. A remote attacker can trick the victim into opening an ELF file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13238
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7609
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the elf_compress.c source code of elfutils due to improper validation of the zlib compression factor before the affected software allocates the output buffer. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13245
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7610
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the check_group function of elfutils, defined in the elflint.c source code file, due to a heap-based buffer overflow when the function handles Executable and Linkable Format (ELF) files. A remote attacker can trick the victim into opening an ELF file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13244
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7611
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the check_symtab_shndx function of elfutils, defined in the elflint.c source code file, due to a heap-based buffer overflow when the function handles Executable and Linkable Format (ELF) files. A remote attacker can trick the victim into opening an ELF file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13243
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7612
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the check_sysv_hash function of elfutils, defined in the elflint.c source code file, due to a heap-based buffer overflow when the function handles Executable and Linkable Format (ELF) files. A remote attacker can trick the victim into opening an ELF file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU13242
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-7613
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the elflint.c source code of elfutils due to a boundary error in the sanitization checks of the number of eshnum sections and ephnum segments. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that contains malicious input, trigger memory corruption and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU31220
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-16062
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18. A remote attacker can perform a denial of service (heap-based buffer over-read) via a crafted file.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU36733
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-16402
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
Description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU36734
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-16403
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15371
Risk: Low
CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-18310
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a local attacker to cause a DoS condition on the target system.
The vulnerability exists in the dwfl_segment_report_module.c source code file in the libdwfl library due to improper handling of Executable and Linkable Format (ELF) files. A local attacker can send an ELF file that submits malicious input, execute the eu-stack command, trigger a segmentation fault and cause the affected application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU15528
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-18520
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of Executable and Linkable Format (ELF) files by the elf_end function, as defined in the size.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a NULL pointer dereference and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU15527
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-18521
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of Executable and Linkable Format (ELF) files by the arlib_add_symbols function, as defined in the arlib.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a divide-by-zero condition and cause the application to crash.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17327
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7146
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of Executable and Linkable Format (ELF) files by the ebl_object_note function, as defined in the eblobjnote.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a buffer over-read condition and cause the affected application to crash, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17375
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7148
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in the libelf component due to improper handling of Executable and Linkable Format (ELF) files by the read_long_names function, as defined in the elf_begin.c source code file. A remote attacker can trick the victim into accessing an ELF file that submits malicious input and cause the affected application to improperly allocate excessive memory resources, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17326
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7149
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of Executable and Linkable Format (ELF) files by the read_srclines function, as defined in the dwarf_getsrclines.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a heap-based buffer over-read condition and cause the affected application to crash, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17325
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7150
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient sanitization of user-supplied input by the elf64_xlatetom function as defined in the libelf/elf32_xlatetom.c source code file. A remote attacker can trick the victim into opening a specially crafted file that submits malicious input, trigger a segmentation fault and cause the affected application to crash, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17697
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7664
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists due to improper overflow checks by the elf_cvt_note function, as defined in the libelf/note_xlate.h source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the affected application to crash, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.
EUVDB-ID: #VU17718
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7665
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists in the ebl_core_note function due to an improper check of whether the value of an NT_PLATFORM core file note is a zero-terminated string. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger a segmentation fault that causes the affected application to crash, resulting in a DoS condition.
Mitigation
Update the affected packages dwarves and elfutils to the latest version.
Vulnerable software versions
SUSE Linux Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2
SUSE Linux Enterprise Micro: 5.1 - 5.2
SUSE Linux Enterprise Desktop: 15-SP3
openSUSE Leap: 15.3
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3
SUSE Linux Enterprise Server: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-SP3
SUSE Linux Enterprise Module for Basesystem: 15-SP3
elfutils-lang: before 0.177-150300.11.3.1
libelf1-32bit-debuginfo: before 0.177-150300.11.3.1
libelf1-32bit: before 0.177-150300.11.3.1
libelf-devel-32bit: before 0.177-150300.11.3.1
libebl-plugins-32bit-debuginfo: before 0.177-150300.11.3.1
libebl-plugins-32bit: before 0.177-150300.11.3.1
libdwarves1-32bit-debuginfo: before 1.22-150300.7.3.1
libdwarves1-32bit: before 1.22-150300.7.3.1
libdwarves-devel-32bit: before 1.22-150300.7.3.1
libdw1-32bit-debuginfo: before 0.177-150300.11.3.1
libdw1-32bit: before 0.177-150300.11.3.1
libasm1-32bit-debuginfo: before 0.177-150300.11.3.1
libasm1-32bit: before 0.177-150300.11.3.1
libelf1-debuginfo: before 0.177-150300.11.3.1
libelf1: before 0.177-150300.11.3.1
libelf-devel: before 0.177-150300.11.3.1
libebl-plugins-debuginfo: before 0.177-150300.11.3.1
libebl-plugins: before 0.177-150300.11.3.1
libebl-devel: before 0.177-150300.11.3.1
libdwarves1-debuginfo: before 1.22-150300.7.3.1
libdwarves1: before 1.22-150300.7.3.1
libdwarves-devel: before 1.22-150300.7.3.1
libdw1-debuginfo: before 0.177-150300.11.3.1
libdw1: before 0.177-150300.11.3.1
libdw-devel: before 0.177-150300.11.3.1
libasm1-debuginfo: before 0.177-150300.11.3.1
libasm1: before 0.177-150300.11.3.1
libasm-devel: before 0.177-150300.11.3.1
elfutils-debugsource: before 0.177-150300.11.3.1
elfutils-debuginfo: before 0.177-150300.11.3.1
elfutils: before 0.177-150300.11.3.1
dwarves-debugsource: before 1.22-150300.7.3.1
dwarves-debuginfo: before 1.22-150300.7.3.1
dwarves: before 1.22-150300.7.3.1
https://www.suse.com/support/update/announcement/2022/suse-su-20222614-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.