SUSE update for texlive
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-46048 |
| CWE-ID | CWE-476 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SUSE Linux Enterprise Software Development Kit 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 12 Operating systems & Components / Operating system SUSE Linux Enterprise Server 12 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 12 Operating systems & Components / Operating system libkpathsea6-debuginfo Operating systems & Components / Operating system package or component libkpathsea6 Operating systems & Components / Operating system package or component texlive-bibtex-bin Operating systems & Components / Operating system package or component texlive-kpathsea-bin-debuginfo Operating systems & Components / Operating system package or component texlive-lacheck-bin-debuginfo Operating systems & Components / Operating system package or component texlive-pdftex-bin Operating systems & Components / Operating system package or component texlive-dvipdfmx-bin-debuginfo Operating systems & Components / Operating system package or component texlive Operating systems & Components / Operating system package or component texlive-seetexk-bin-debuginfo Operating systems & Components / Operating system package or component texlive-lacheck-bin Operating systems & Components / Operating system package or component texlive-dviljk-bin Operating systems & Components / Operating system package or component texlive-mfware-bin Operating systems & Components / Operating system package or component texlive-latex-bin-bin Operating systems & Components / Operating system package or component texlive-checkcites-bin Operating systems & Components / Operating system package or component texlive-xetex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-ptexenc-devel Operating systems & Components / Operating system package or component texlive-kpathsea-devel Operating systems & Components / Operating system package or component texlive-vlna-bin-debuginfo Operating systems & Components / Operating system package or component texlive-context-bin Operating systems & Components / Operating system package or component texlive-dvips-bin Operating systems & Components / Operating system package or component texlive-lua2dox-bin Operating systems & Components / Operating system package or component texlive-tex4ht-bin Operating systems & Components / Operating system package or component texlive-gsftopk-bin Operating systems & Components / Operating system package or component texlive-makeindex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-splitindex-bin Operating systems & Components / Operating system package or component texlive-kpathsea-bin Operating systems & Components / Operating system package or component texlive-dvips-bin-debuginfo Operating systems & Components / Operating system package or component texlive-pstools-bin Operating systems & Components / Operating system package or component texlive-cweb-bin Operating systems & Components / Operating system package or component texlive-web-bin-debuginfo Operating systems & Components / Operating system package or component texlive-metafont-bin-debuginfo Operating systems & Components / Operating system package or component texlive-tetex-bin Operating systems & Components / Operating system package or component libptexenc1 Operating systems & Components / Operating system package or component texlive-vlna-bin Operating systems & Components / Operating system package or component texlive-luaotfload-bin Operating systems & Components / Operating system package or component texlive-dvidvi-bin Operating systems & Components / Operating system package or component texlive-gsftopk-bin-debuginfo Operating systems & Components / Operating system package or component texlive-tex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-pdftex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-dvisvgm-bin-debuginfo Operating systems & Components / Operating system package or component texlive-mptopdf-bin Operating systems & Components / Operating system package or component texlive-bibtex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-bin-devel Operating systems & Components / Operating system package or component texlive-metafont-bin Operating systems & Components / Operating system package or component texlive-dvipng-bin-debuginfo Operating systems & Components / Operating system package or component texlive-xetex-bin Operating systems & Components / Operating system package or component texlive-dviljk-bin-debuginfo Operating systems & Components / Operating system package or component texlive-tex-bin Operating systems & Components / Operating system package or component texlive-metapost-bin-debuginfo Operating systems & Components / Operating system package or component texlive-dvipng-bin Operating systems & Components / Operating system package or component texlive-pstools-bin-debuginfo Operating systems & Components / Operating system package or component texlive-metapost-bin Operating systems & Components / Operating system package or component texlive-dvipdfmx-bin Operating systems & Components / Operating system package or component libptexenc1-debuginfo Operating systems & Components / Operating system package or component texlive-cweb-bin-debuginfo Operating systems & Components / Operating system package or component texlive-dviasm-bin Operating systems & Components / Operating system package or component texlive-debugsource Operating systems & Components / Operating system package or component texlive-mfware-bin-debuginfo Operating systems & Components / Operating system package or component texlive-texconfig-bin Operating systems & Components / Operating system package or component texlive-jadetex-bin Operating systems & Components / Operating system package or component texlive-seetexk-bin Operating systems & Components / Operating system package or component texlive-thumbpdf-bin Operating systems & Components / Operating system package or component texlive-xdvi-bin-debuginfo Operating systems & Components / Operating system package or component texlive-luatex-bin-debuginfo Operating systems & Components / Operating system package or component texlive-xdvi-bin Operating systems & Components / Operating system package or component texlive-luatex-bin Operating systems & Components / Operating system package or component texlive-dvidvi-bin-debuginfo Operating systems & Components / Operating system package or component texlive-web-bin Operating systems & Components / Operating system package or component texlive-xmltex-bin Operating systems & Components / Operating system package or component texlive-makeindex-bin Operating systems & Components / Operating system package or component texlive-dvisvgm-bin Operating systems & Components / Operating system package or component texlive-tex4ht-bin-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) NULL pointer dereference
EUVDB-ID: #VU96489
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-46048
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in texk/web2c/pdftexdir/writet1.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationUpdate the affected package texlive to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Software Development Kit 12: SP5
SUSE Linux Enterprise Server for SAP Applications 12: SP5
SUSE Linux Enterprise Server 12: SP5
SUSE Linux Enterprise High Performance Computing 12: SP5
libkpathsea6-debuginfo: before 6.2.0dev-22.11.1
libkpathsea6: before 6.2.0dev-22.11.1
texlive-bibtex-bin: before 2013.20130620.svn30088-22.11.1
texlive-kpathsea-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-lacheck-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-pdftex-bin: before 2013.20130620.svn30845-22.11.1
texlive-dvipdfmx-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive: before 2013.20130620-22.11.1
texlive-seetexk-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-lacheck-bin: before 2013.20130620.svn30088-22.11.1
texlive-dviljk-bin: before 2013.20130620.svn30088-22.11.1
texlive-mfware-bin: before 2013.20130620.svn30088-22.11.1
texlive-latex-bin-bin: before 2013.20130620.svn14050-22.11.1
texlive-checkcites-bin: before 2013.20130620.svn25623-22.11.1
texlive-xetex-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive-ptexenc-devel: before 1.3.2dev-22.11.1
texlive-kpathsea-devel: before 6.2.0dev-22.11.1
texlive-vlna-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-context-bin: before 2013.20130620.svn29741-22.11.1
texlive-dvips-bin: before 2013.20130620.svn30088-22.11.1
texlive-lua2dox-bin: before 2013.20130620.svn29053-22.11.1
texlive-tex4ht-bin: before 2013.20130620.svn30088-22.11.1
texlive-gsftopk-bin: before 2013.20130620.svn30088-22.11.1
texlive-makeindex-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-splitindex-bin: before 2013.20130620.svn29688-22.11.1
texlive-kpathsea-bin: before 2013.20130620.svn30088-22.11.1
texlive-dvips-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-pstools-bin: before 2013.20130620.svn30088-22.11.1
texlive-cweb-bin: before 2013.20130620.svn30088-22.11.1
texlive-web-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-metafont-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-tetex-bin: before 2013.20130620.svn29741-22.11.1
libptexenc1: before 1.3.2dev-22.11.1
texlive-vlna-bin: before 2013.20130620.svn30088-22.11.1
texlive-luaotfload-bin: before 2013.20130620.svn30313-22.11.1
texlive-dvidvi-bin: before 2013.20130620.svn30088-22.11.1
texlive-gsftopk-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-tex-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-pdftex-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive-dvisvgm-bin-debuginfo: before 2013.20130620.svn30613-22.11.1
texlive-mptopdf-bin: before 2013.20130620.svn18674-22.11.1
texlive-bibtex-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-bin-devel: before 2013.20130620-22.11.1
texlive-metafont-bin: before 2013.20130620.svn30088-22.11.1
texlive-dvipng-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive-xetex-bin: before 2013.20130620.svn30845-22.11.1
texlive-dviljk-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-tex-bin: before 2013.20130620.svn30088-22.11.1
texlive-metapost-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive-dvipng-bin: before 2013.20130620.svn30845-22.11.1
texlive-pstools-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-metapost-bin: before 2013.20130620.svn30845-22.11.1
texlive-dvipdfmx-bin: before 2013.20130620.svn30845-22.11.1
libptexenc1-debuginfo: before 1.3.2dev-22.11.1
texlive-cweb-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-dviasm-bin: before 2013.20130620.svn8329-22.11.1
texlive-debugsource: before 2013.20130620-22.11.1
texlive-mfware-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-texconfig-bin: before 2013.20130620.svn29741-22.11.1
texlive-jadetex-bin: before 2013.20130620.svn3006-22.11.1
texlive-seetexk-bin: before 2013.20130620.svn30088-22.11.1
texlive-thumbpdf-bin: before 2013.20130620.svn6898-22.11.1
texlive-xdvi-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-luatex-bin-debuginfo: before 2013.20130620.svn30845-22.11.1
texlive-xdvi-bin: before 2013.20130620.svn30088-22.11.1
texlive-luatex-bin: before 2013.20130620.svn30845-22.11.1
texlive-dvidvi-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
texlive-web-bin: before 2013.20130620.svn30088-22.11.1
texlive-xmltex-bin: before 2013.20130620.svn3006-22.11.1
texlive-makeindex-bin: before 2013.20130620.svn30088-22.11.1
texlive-dvisvgm-bin: before 2013.20130620.svn30613-22.11.1
texlive-tex4ht-bin-debuginfo: before 2013.20130620.svn30088-22.11.1
CPE2.3- cpe:2.3:o:suse:suse_linux_enterprise_software_development_kit_12:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_12:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_12:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_12:SP5:*:*:*:*:*:*:*
- cpe:2.3:a:suse:libkpathsea6-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libkpathsea6:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-bibtex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-kpathsea-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-lacheck-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-pdftex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvipdfmx-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-seetexk-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-lacheck-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dviljk-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-mfware-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-latex-bin-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-checkcites-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-xetex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-ptexenc-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-kpathsea-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-vlna-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-context-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvips-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-lua2dox-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-tex4ht-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-gsftopk-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-makeindex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-splitindex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-kpathsea-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvips-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-pstools-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-cweb-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-web-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-metafont-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-tetex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libptexenc1:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-vlna-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-luaotfload-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvidvi-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-gsftopk-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-tex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-pdftex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvisvgm-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-mptopdf-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-bibtex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-bin-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-metafont-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvipng-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-xetex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dviljk-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-tex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-metapost-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvipng-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-pstools-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-metapost-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvipdfmx-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:libptexenc1-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-cweb-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dviasm-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-mfware-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-texconfig-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-jadetex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-seetexk-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-thumbpdf-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-xdvi-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-luatex-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-xdvi-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-luatex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvidvi-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-web-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-xmltex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-makeindex-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-dvisvgm-bin:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:a:suse:texlive-tex4ht-bin-debuginfo:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241296-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
