Test Kennung:	1.3.6.1.4.1.25623.1.0.851941
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for binutils (openSUSE-SU-2018:3223-1)
Zusammenfassung:	The remote host is missing an update for the 'binutils'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'binutils' package(s) announced via the referenced advisory. Vulnerability Insight: This update for binutils to 2.31 fixes the following issues: These security issues were fixed: - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggered a buffer overflow on fuzzed archive header (bsc#1065643). - CVE-2017-15939: Binary File Descriptor (BFD) library (aka libbfd) mishandled NULL files in a .debug_line file table, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename (bsc#1065689). - CVE-2017-15938: the Binary File Descriptor (BFD) library (aka libbfd) miscalculated DW_FORM_ref_addr die refs in the case of a relocatable object file, which allowed remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash) (bsc#1065693). - CVE-2017-16826: The coff_slurp_line_table function the Binary File Descriptor (BFD) library (aka libbfd) allowed remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file (bsc#1068640). - CVE-2017-16832: The pe_bfd_read_buildid function in the Binary File Descriptor (BFD) library (aka libbfd) did not validate size and offset values in the data dictionary, which allowed remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file (bsc#1068643). - CVE-2017-16831: Binary File Descriptor (BFD) library (aka libbfd) did not validate the symbol count, which allowed remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file (bsc#1068887). - CVE-2017-16830: The print_gnu_property_note function did not have integer-overflow protection on 32-bit platforms, which allowed remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file (bsc#1068888). - CVE-2017-16829: The _bfd_elf_parse_gnu_properties function in the Binary File Descriptor (BFD) library (aka libbfd) did not prevent negative pointers, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file (b ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: binutils on openSUSE Leap 42.3 Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9939 http://www.openwall.com/lists/oss-security/2015/07/31/6 Common Vulnerability Exposure (CVE) ID: CVE-2017-6965 https://security.gentoo.org/glsa/201709-02 Common Vulnerability Exposure (CVE) ID: CVE-2017-6966 Common Vulnerability Exposure (CVE) ID: CVE-2017-6969 BugTraq ID: 97065 http://www.securityfocus.com/bid/97065 Common Vulnerability Exposure (CVE) ID: CVE-2017-7209 BugTraq ID: 96994 http://www.securityfocus.com/bid/96994 https://security.gentoo.org/glsa/201801-01 Common Vulnerability Exposure (CVE) ID: CVE-2017-7210 BugTraq ID: 96992 http://www.securityfocus.com/bid/96992 Common Vulnerability Exposure (CVE) ID: CVE-2017-7223 Common Vulnerability Exposure (CVE) ID: CVE-2017-7224 BugTraq ID: 97277 http://www.securityfocus.com/bid/97277 Common Vulnerability Exposure (CVE) ID: CVE-2017-7225 BugTraq ID: 97275 http://www.securityfocus.com/bid/97275 Common Vulnerability Exposure (CVE) ID: CVE-2017-7226 Common Vulnerability Exposure (CVE) ID: CVE-2017-7299 BugTraq ID: 97217 http://www.securityfocus.com/bid/97217 Common Vulnerability Exposure (CVE) ID: CVE-2017-7300 BugTraq ID: 97219 http://www.securityfocus.com/bid/97219 Common Vulnerability Exposure (CVE) ID: CVE-2017-7301 BugTraq ID: 97218 http://www.securityfocus.com/bid/97218 Common Vulnerability Exposure (CVE) ID: CVE-2017-7302 BugTraq ID: 97216 http://www.securityfocus.com/bid/97216 Common Vulnerability Exposure (CVE) ID: CVE-2017-7303 BugTraq ID: 97213 http://www.securityfocus.com/bid/97213 Common Vulnerability Exposure (CVE) ID: CVE-2017-7304 BugTraq ID: 97215 http://www.securityfocus.com/bid/97215 Common Vulnerability Exposure (CVE) ID: CVE-2017-8392 Common Vulnerability Exposure (CVE) ID: CVE-2017-8393 Common Vulnerability Exposure (CVE) ID: CVE-2017-8394 Common Vulnerability Exposure (CVE) ID: CVE-2017-8396 Common Vulnerability Exposure (CVE) ID: CVE-2017-8421 Common Vulnerability Exposure (CVE) ID: CVE-2017-9746 BugTraq ID: 99117 http://www.securityfocus.com/bid/99117 https://www.exploit-db.com/exploits/42199/ Common Vulnerability Exposure (CVE) ID: CVE-2017-9747 BugTraq ID: 99114 http://www.securityfocus.com/bid/99114 https://www.exploit-db.com/exploits/42200/ Common Vulnerability Exposure (CVE) ID: CVE-2017-9748 BugTraq ID: 99110 http://www.securityfocus.com/bid/99110 https://www.exploit-db.com/exploits/42202/ Common Vulnerability Exposure (CVE) ID: CVE-2017-9750 BugTraq ID: 99118 http://www.securityfocus.com/bid/99118 https://www.exploit-db.com/exploits/42198/ Common Vulnerability Exposure (CVE) ID: CVE-2017-9755 BugTraq ID: 99124 http://www.securityfocus.com/bid/99124 Common Vulnerability Exposure (CVE) ID: CVE-2017-9756 BugTraq ID: 99103 http://www.securityfocus.com/bid/99103 https://www.exploit-db.com/exploits/42204/ Common Vulnerability Exposure (CVE) ID: CVE-2018-6323 BugTraq ID: 102821 http://www.securityfocus.com/bid/102821 https://www.exploit-db.com/exploits/44035/ SuSE Security Announcement: openSUSE-SU-2019:2415 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html SuSE Security Announcement: openSUSE-SU-2019:2432 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2018-6543 BugTraq ID: 102985 http://www.securityfocus.com/bid/102985 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22769 Common Vulnerability Exposure (CVE) ID: CVE-2018-6759 BugTraq ID: 103030 http://www.securityfocus.com/bid/103030 Common Vulnerability Exposure (CVE) ID: CVE-2018-6872 BugTraq ID: 103103 http://www.securityfocus.com/bid/103103 Common Vulnerability Exposure (CVE) ID: CVE-2018-7208 BugTraq ID: 103077 http://www.securityfocus.com/bid/103077 RedHat Security Advisories: RHBA-2019:0327 https://access.redhat.com/errata/RHBA-2019:0327 RedHat Security Advisories: RHSA-2018:3032 https://access.redhat.com/errata/RHSA-2018:3032 Common Vulnerability Exposure (CVE) ID: CVE-2018-7568 https://sourceware.org/bugzilla/show_bug.cgi?id=22894 Common Vulnerability Exposure (CVE) ID: CVE-2018-7569 https://sourceware.org/bugzilla/show_bug.cgi?id=22895 Common Vulnerability Exposure (CVE) ID: CVE-2018-7570 https://sourceware.org/bugzilla/show_bug.cgi?id=22881 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=01f7e10cf2dcf403462b2feed06c43135651556d Common Vulnerability Exposure (CVE) ID: CVE-2018-7642 https://sourceware.org/bugzilla/show_bug.cgi?id=22887 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25 Common Vulnerability Exposure (CVE) ID: CVE-2018-7643 BugTraq ID: 103264 http://www.securityfocus.com/bid/103264 https://sourceware.org/bugzilla/show_bug.cgi?id=22905 Common Vulnerability Exposure (CVE) ID: CVE-2018-8945 https://sourceware.org/bugzilla/show_bug.cgi?id=22809 https://usn.ubuntu.com/4336-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.