ID CVE-2018-16428
Summary In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
References
Vulnerable Configurations
  • GNOME Glib 2.56.1
    cpe:2.3:a:gnome:glib:2.56.1
  • Canonical Ubuntu Linux 12.04 ESM (Extended Security Maintenance)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1485.NASL
    description This update for glib2 fixes the following issues : Security issues fixed : - CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121). - CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116). Non-security issue fixed : - various GVariant parsing issues have been resolved (bsc#1111499) This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-02-21
    modified 2018-12-07
    plugin id 119493
    published 2018-12-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119493
    title openSUSE Security Update : glib2 (openSUSE-2018-1485)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0194_GLIB.NASL
    description An update of the glib package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121896
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121896
    title Photon OS 1.0: Glib PHSA-2018-1.0-0194
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0108_GLIB.NASL
    description An update of the glib package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 122004
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122004
    title Photon OS 2.0: Glib PHSA-2018-2.0-0108
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-39BE36E9FC.NASL
    description Security fixes for CVE-2018-6055 CVE-2018-6119 CVE-2018-16429 CVE-2018-16428 ---- Update to Chromium 69. (EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives...) Fixes a lot of security issues, like every major release of Chromium, including CVE-2018-16087 CVE-2018-16088 CVE-2018-16086CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120356
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120356
    title Fedora 29 : chromium (2018-39be36e9fc)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3913-1.NASL
    description This update for glib2 fixes the following issues : Security issues fixed : CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121). CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116). Non-security issue fixed: various GVariant parsing issues have been resolved (bsc#1111499) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 120169
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120169
    title SUSE SLED15 / SLES15 Security Update : glib2 (SUSE-SU-2018:3913-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-F76E6D17F1.NASL
    description Security fixes for CVE-2018-6055 CVE-2018-6119 CVE-2018-16429 CVE-2018-16428 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120923
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120923
    title Fedora 28 : chromium (2018-f76e6d17f1)
refmap via4
bid 105210
misc
ubuntu
  • USN-3767-1
  • USN-3767-2
Last major update 03-09-2018 - 20:29
Published 03-09-2018 - 20:29
Last modified 31-07-2019 - 17:15
Back to Top