Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.852757 |
Kategorie: | SuSE Local Security Checks |
Titel: | openSUSE: Security Advisory for binutils (openSUSE-SU-2019:2415-1) |
Zusammenfassung: | The remote host is missing an update for the 'binutils'; package(s) announced via the openSUSE-SU-2019:2415-1 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'binutils' package(s) announced via the openSUSE-SU-2019:2415-1 advisory. Vulnerability Insight: This update for binutils fixes the following issues: binutils was updated to current 2.32 branch [jsc#ECO-368]. Includes following security fixes: - CVE-2018-17358: Fixed invalid memory access in _bfd_stab_section_find_nearest_line in syms.c (bsc#1109412) - CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in opncls.c (bsc#1109413) - CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in libbfd.c (bsc#1109414) - CVE-2018-17985: Fixed a stack consumption problem caused by the cplus_demangle_type (bsc#1116827) - CVE-2018-18309: Fixed an invalid memory address dereference was discovered in read_reloc in reloc.c (bsc#1111996) - CVE-2018-18483: Fixed get_count function provided by libiberty that allowed attackers to cause a denial of service or other unspecified impact (bsc#1112535) - CVE-2018-18484: Fixed stack exhaustion in the C++ demangling functions provided by libiberty, caused by recursive stack frames (bsc#1112534) - CVE-2018-18605: Fixed a heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup causing a denial of service (bsc#1113255) - CVE-2018-18606: Fixed a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments, causing denial of service (bsc#1113252) - CVE-2018-18607: Fixed a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section, causing denial of service (bsc#1113247) - CVE-2018-19931: Fixed a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h (bsc#1118831) - CVE-2018-19932: Fixed an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA (bsc#1118830) - CVE-2018-20623: Fixed a use-after-free in the error function in elfcomm.c (bsc#1121035) - CVE-2018-20651: Fixed a denial of service via a NULL pointer dereference in elf_link_add_object_symbols in elflink.c (bsc#1121034) - CVE-2018-20671: Fixed an integer overflow that can trigger a heap-based buffer overflow in load_specific_debug_section in objdump.c (bsc#1121056) - CVE-2018-1000876: Fixed integer overflow in bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc in objdump (bsc#1120640) - CVE-2019-1010180: Fixed an out of bound memory access that could lead to crashes (bsc#1142772) - enable xtensa architecture (Tensilica lc6 and related) - Use -ffat-lto-objects in order to provide assembly for static libs (bsc#1141913). - Fixed some LTO build issues (bsc#1133131 bsc#1133232). - riscv: Don't check ABI flags if no code section ... Description truncated. Please see the references for more information. Affected Software/OS: 'binutils' package(s) on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-6323 BugTraq ID: 102821 http://www.securityfocus.com/bid/102821 https://www.exploit-db.com/exploits/44035/ SuSE Security Announcement: openSUSE-SU-2019:2415 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html SuSE Security Announcement: openSUSE-SU-2019:2432 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html Common Vulnerability Exposure (CVE) ID: CVE-2018-6543 BugTraq ID: 102985 http://www.securityfocus.com/bid/102985 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22769 Common Vulnerability Exposure (CVE) ID: CVE-2018-6759 BugTraq ID: 103030 http://www.securityfocus.com/bid/103030 Common Vulnerability Exposure (CVE) ID: CVE-2018-6872 BugTraq ID: 103103 http://www.securityfocus.com/bid/103103 Common Vulnerability Exposure (CVE) ID: CVE-2018-7208 BugTraq ID: 103077 http://www.securityfocus.com/bid/103077 RedHat Security Advisories: RHBA-2019:0327 https://access.redhat.com/errata/RHBA-2019:0327 RedHat Security Advisories: RHSA-2018:3032 https://access.redhat.com/errata/RHSA-2018:3032 Common Vulnerability Exposure (CVE) ID: CVE-2018-7568 https://sourceware.org/bugzilla/show_bug.cgi?id=22894 Common Vulnerability Exposure (CVE) ID: CVE-2018-7569 https://sourceware.org/bugzilla/show_bug.cgi?id=22895 Common Vulnerability Exposure (CVE) ID: CVE-2018-7570 https://sourceware.org/bugzilla/show_bug.cgi?id=22881 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=01f7e10cf2dcf403462b2feed06c43135651556d Common Vulnerability Exposure (CVE) ID: CVE-2018-7642 https://sourceware.org/bugzilla/show_bug.cgi?id=22887 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25 Common Vulnerability Exposure (CVE) ID: CVE-2018-7643 BugTraq ID: 103264 http://www.securityfocus.com/bid/103264 https://sourceware.org/bugzilla/show_bug.cgi?id=22905 Common Vulnerability Exposure (CVE) ID: CVE-2018-8945 https://sourceware.org/bugzilla/show_bug.cgi?id=22809 https://usn.ubuntu.com/4336-1/ |
Copyright | Copyright (C) 2019 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |