ALT-BU-2017-2932-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2015-8853
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
- FEDORA-2016-5a9313e4b4
- http://perl5.git.perl.org/perl.git/commitdiff/22b433eff9a1ffa2454e18405a56650f07b385b5
- [oss-security] 20160420 CVE Request: perl: denial-of-service / Regexp-matching "hangs" indefinitely on illegal input using binmode :utf8 using 100%CPU
- [oss-security] 20160420 Re: CVE Request: perl: denial-of-service / Regexp-matching "hangs" indefinitely on illegal input using binmode :utf8 using 100%CPU
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 86707
- https://bugzilla.redhat.com/show_bug.cgi?id=1329106
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- https://rt.perl.org/Public/Bug/Display.html?id=123562
- GLSA-201701-75
- USN-3625-1
- USN-3625-2
Modified: 2024-11-21
CVE-2016-2381
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
- openSUSE-SU-2016:0881
- http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
- DSA-3501
- [porters] 20160301 CVE-2016-2381: duplicate environment variables
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 83802
- USN-2916-1
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
- GLSA-201701-75
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpujul2020.html
Closed vulnerabilities
Modified: 2024-11-21
CVE-2017-2615
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in DoS, or potentially execute arbitrary code on the host with the privileges of the QEMU process.
- RHSA-2017:0309
- RHSA-2017:0328
- RHSA-2017:0329
- RHSA-2017:0330
- RHSA-2017:0331
- RHSA-2017:0332
- RHSA-2017:0333
- RHSA-2017:0334
- RHSA-2017:0344
- RHSA-2017:0350
- RHSA-2017:0396
- RHSA-2017:0454
- [oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
- 95990
- 1037804
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- [qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)
- GLSA-201702-27
- GLSA-201702-28
- https://support.citrix.com/article/CTX220771