SUSE Linux update for patch

1) Path traversal

EUVDB-ID: #VU12548

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2010-4651

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to write arbitrary files on the target system.

The weakness exists in util.c due to Path traversal. A remote attacker can trick the victim into opening a specially crafted file and create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname.

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Linux: 11

External links

http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00005.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Resource exhaustion

EUVDB-ID: #VU12549

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-9637

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to memory consumption. A remote attacker can trick the victim into opening a specially crafted diff file and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Linux: 11

External links

http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00005.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory corruption

EUVDB-ID: #VU10656

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-10713

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds access within pch_write_line() in pch.c. A local attacker can supply a specially crafted input, trigger memory corruption and cause the system to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Linux: 11

External links

http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00005.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper input validation

EUVDB-ID: #VU11646

Risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1000156

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists in the EDITOR_PROGRAM invocation due to improper input validation. A remote attacker can send a specially crafted patch file and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Linux: 11

External links

http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00005.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.