ALT-BU-2017-3284-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2018-00106
Уязвимость функции ares_parse_naptr_reply библиотеки асинхронных DNS-запросов c-ares, позволяющая нарушителю выполнить чтение за границами буфера в памяти
Modified: 2024-11-21
CVE-2016-5180
Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.
- RHSA-2017:0002
- RHSA-2017:0002
- DSA-3682
- DSA-3682
- 93243
- 93243
- USN-3143-1
- USN-3143-1
- https://c-ares.haxx.se/adv_20160929.html
- https://c-ares.haxx.se/adv_20160929.html
- https://c-ares.haxx.se/CVE-2016-5180.patch
- https://c-ares.haxx.se/CVE-2016-5180.patch
- https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html
- https://googlechromereleases.blogspot.in/2016/09/stable-channel-updates-for-chrome-os.html
- GLSA-201701-28
- GLSA-201701-28
- https://source.android.com/security/bulletin/2017-01-01.html
- https://source.android.com/security/bulletin/2017-01-01.html
Modified: 2024-11-21
CVE-2017-1000381
The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-0739
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
- FEDORA-2016-d9f950c779
- FEDORA-2016-d9f950c779
- FEDORA-2016-dc9e8da03c
- FEDORA-2016-dc9e8da03c
- openSUSE-SU-2016:0880
- openSUSE-SU-2016:0880
- RHSA-2016:0566
- RHSA-2016:0566
- DSA-3488
- DSA-3488
- USN-2912-1
- USN-2912-1
- https://puppet.com/security/cve/CVE-2016-0739
- https://puppet.com/security/cve/CVE-2016-0739
- GLSA-201606-12
- GLSA-201606-12
- https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/
- https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/
- https://www.libssh.org/security/advisories/CVE-2016-0739.txt
- https://www.libssh.org/security/advisories/CVE-2016-0739.txt
Closed vulnerabilities
BDU:2019-01631
Уязвимость библиотеки elflint.c утилиты для модификации и анализа бинарных файлов ELF Elfutils, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-01633
Уязвимость функции check_group библиотеки elflint.c утилиты для модификации и анализа бинарных файлов ELF Elfutils, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-7607
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- 98608
- 98608
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7608
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- 98609
- 98609
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7610
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7611
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7612
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1
Modified: 2024-11-21
CVE-2017-7613
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
- openSUSE-SU-2019:1590
- openSUSE-SU-2019:1590
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c
- https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- [debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
- GLSA-201710-10
- GLSA-201710-10
- USN-3670-1
- USN-3670-1