Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-8982 (GCVE-0-2015-8982)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:36:31.166Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20170214 Re: Pending CVE requests for glibc", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "name": "72602", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72602" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed" }, { "name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-29T14:08:46", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[oss-security] 20170214 Re: Pending CVE requests for glibc", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "name": "72602", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72602" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed" }, { "name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8982", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20170214 Re: Pending CVE requests for glibc", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "name": "72602", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72602" }, { "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009", "refsource": "CONFIRM", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed", "refsource": "CONFIRM", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed" }, { "name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8982", "datePublished": "2017-03-15T19:00:00", "dateReserved": "2017-02-14T00:00:00", "dateUpdated": "2024-08-06T08:36:31.166Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2015-8982\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-03-15T19:59:00.360\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de entero en la funci\u00f3n strxfrm en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.21 permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga, lo que desencadena un desbordamiento de b\u00fafer basado en pila.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.20\",\"matchCriteriaId\":\"AA913F6A-63A0-468F-A0E0-66748E337246\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2015/02/13/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/02/14/9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/72602\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://sourceware.org/bugzilla/show_bug.cgi?id=16009\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/02/13/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/02/14/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/72602\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://sourceware.org/bugzilla/show_bug.cgi?id=16009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
wid-sec-w-2022-2008
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Die GNU libc ist die Basis C Bibliothek unter Linux sowie anderen Unix-Betriebssystemen, welche die Systemaufrufe sowie Basisfunktionalit\u00e4t bereitstellt.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in GNU libc ausnutzen, um beliebigen Programmcode mit den Rechten des Angegriffenen auszuf\u00fchren oder einen Denial of Service Angriff durchf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- F5 Networks\n- Linux\n- UNIX", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-2008 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2022-2008.json" }, { "category": "self", "summary": "WID-SEC-2022-2008 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2008" }, { "category": "external", "summary": "Meldung auf der oss-sec Mailing Liste vom 2017-02-14", "url": "http://seclists.org/oss-sec/2017/q1/437" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-1 vom 2017-03-21", "url": "http://www.ubuntu.com/usn/usn-3239-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-2 vom 2017-03-22", "url": "http://www.ubuntu.com/usn/usn-3239-2/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-3 vom 2017-03-24", "url": "http://www.ubuntu.com/usn/usn-3239-3/" }, { "category": "external", "summary": "F5 Security Advisory K25552364 vom 2017-04-25", "url": "https://support.f5.com/csp/article/K25552364" }, { "category": "external", "summary": "F5 Security Advisory K39204079 vom 2017-04-26", "url": "https://support.f5.com/csp/article/K39204079" }, { "category": "external", "summary": "F5 Security Advisory K29241247 vom 2017-04-26", "url": "https://support.f5.com/csp/article/K29241247" }, { "category": "external", "summary": "GENTOO Security Advisory GLSA201908-06 vom 2019-08-15", "url": "https://security.gentoo.org/glsa/201908-06" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4753 vom 2019-08-19", "url": "http://linux.oracle.com/errata/ELSA-2019-4753.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-0348 vom 2021-02-04", "url": "https://linux.oracle.com/errata/ELSA-2021-0348.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:0832-1 vom 2022-03-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010437.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:14923-1 vom 2022-03-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010489.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-1869 vom 2022-11-09", "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1869.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:3942-1 vom 2022-11-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012879.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:3942-2 vom 2022-11-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013175.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12444 vom 2024-06-19", "url": "https://linux.oracle.com/errata/ELSA-2024-12444.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2025-20596 vom 2025-09-17", "url": "https://linux.oracle.com/errata/ELSA-2025-20596.html" } ], "source_lang": "en-US", "title": "GNU libc: mehrere Schwachstellen", "tracking": { "current_release_date": "2025-09-17T22:00:00.000+00:00", "generator": { "date": "2025-09-18T07:16:09.759+00:00", "engine": { "name": "BSI-WID", "version": "1.4.0" } }, "id": "WID-SEC-W-2022-2008", "initial_release_date": "2017-02-14T23:00:00.000+00:00", "revision_history": [ { "date": "2017-02-14T23:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2017-02-14T23:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2017-03-20T23:00:00.000+00:00", "number": "3", "summary": "New remediations available" }, { "date": "2017-03-21T23:00:00.000+00:00", "number": "4", "summary": "New remediations available" }, { "date": "2017-03-23T23:00:00.000+00:00", "number": "5", "summary": "New remediations available" }, { "date": "2017-04-25T22:00:00.000+00:00", "number": "6", "summary": "New remediations available" }, { "date": "2017-04-25T22:00:00.000+00:00", "number": "7", "summary": "Version nicht vorhanden" }, { "date": "2017-04-26T22:00:00.000+00:00", "number": "8", "summary": "New remediations available" }, { "date": "2019-08-15T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von GENTOO aufgenommen" }, { "date": "2019-08-19T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-02-03T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2022-03-14T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-03-21T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-11-09T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-11-10T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-11-30T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-18T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2025-09-17T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Oracle Linux aufgenommen" } ], "status": "final", "version": "18" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "Open Source GNU libc", "product": { "name": "Open Source GNU libc", "product_id": "190376", "product_identification_helper": { "cpe": "cpe:/a:gnu:glibc:2.17" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-8982", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8982" }, { "cve": "CVE-2015-8983", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8983" }, { "cve": "CVE-2015-8984", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8984" }, { "cve": "CVE-2015-8985", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8985" } ] }
WID-SEC-W-2022-2008
Vulnerability from csaf_certbund
Notes
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Die GNU libc ist die Basis C Bibliothek unter Linux sowie anderen Unix-Betriebssystemen, welche die Systemaufrufe sowie Basisfunktionalit\u00e4t bereitstellt.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in GNU libc ausnutzen, um beliebigen Programmcode mit den Rechten des Angegriffenen auszuf\u00fchren oder einen Denial of Service Angriff durchf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- F5 Networks\n- Linux\n- UNIX", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-2008 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2022-2008.json" }, { "category": "self", "summary": "WID-SEC-2022-2008 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2008" }, { "category": "external", "summary": "Meldung auf der oss-sec Mailing Liste vom 2017-02-14", "url": "http://seclists.org/oss-sec/2017/q1/437" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-1 vom 2017-03-21", "url": "http://www.ubuntu.com/usn/usn-3239-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-2 vom 2017-03-22", "url": "http://www.ubuntu.com/usn/usn-3239-2/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-3239-3 vom 2017-03-24", "url": "http://www.ubuntu.com/usn/usn-3239-3/" }, { "category": "external", "summary": "F5 Security Advisory K25552364 vom 2017-04-25", "url": "https://support.f5.com/csp/article/K25552364" }, { "category": "external", "summary": "F5 Security Advisory K39204079 vom 2017-04-26", "url": "https://support.f5.com/csp/article/K39204079" }, { "category": "external", "summary": "F5 Security Advisory K29241247 vom 2017-04-26", "url": "https://support.f5.com/csp/article/K29241247" }, { "category": "external", "summary": "GENTOO Security Advisory GLSA201908-06 vom 2019-08-15", "url": "https://security.gentoo.org/glsa/201908-06" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2019-4753 vom 2019-08-19", "url": "http://linux.oracle.com/errata/ELSA-2019-4753.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2021-0348 vom 2021-02-04", "url": "https://linux.oracle.com/errata/ELSA-2021-0348.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:0832-1 vom 2022-03-14", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010437.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:14923-1 vom 2022-03-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010489.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2022-1869 vom 2022-11-09", "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1869.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:3942-1 vom 2022-11-10", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012879.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2022:3942-2 vom 2022-11-30", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/013175.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12444 vom 2024-06-19", "url": "https://linux.oracle.com/errata/ELSA-2024-12444.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2025-20596 vom 2025-09-17", "url": "https://linux.oracle.com/errata/ELSA-2025-20596.html" } ], "source_lang": "en-US", "title": "GNU libc: mehrere Schwachstellen", "tracking": { "current_release_date": "2025-09-17T22:00:00.000+00:00", "generator": { "date": "2025-09-18T07:16:09.759+00:00", "engine": { "name": "BSI-WID", "version": "1.4.0" } }, "id": "WID-SEC-W-2022-2008", "initial_release_date": "2017-02-14T23:00:00.000+00:00", "revision_history": [ { "date": "2017-02-14T23:00:00.000+00:00", "number": "1", "summary": "Initial Release" }, { "date": "2017-02-14T23:00:00.000+00:00", "number": "2", "summary": "Version nicht vorhanden" }, { "date": "2017-03-20T23:00:00.000+00:00", "number": "3", "summary": "New remediations available" }, { "date": "2017-03-21T23:00:00.000+00:00", "number": "4", "summary": "New remediations available" }, { "date": "2017-03-23T23:00:00.000+00:00", "number": "5", "summary": "New remediations available" }, { "date": "2017-04-25T22:00:00.000+00:00", "number": "6", "summary": "New remediations available" }, { "date": "2017-04-25T22:00:00.000+00:00", "number": "7", "summary": "Version nicht vorhanden" }, { "date": "2017-04-26T22:00:00.000+00:00", "number": "8", "summary": "New remediations available" }, { "date": "2019-08-15T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von GENTOO aufgenommen" }, { "date": "2019-08-19T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2021-02-03T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2022-03-14T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-03-21T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-11-09T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-11-10T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2022-11-30T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-06-18T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2025-09-17T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Oracle Linux aufgenommen" } ], "status": "final", "version": "18" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "F5 BIG-IP", "product": { "name": "F5 BIG-IP", "product_id": "T001663", "product_identification_helper": { "cpe": "cpe:/a:f5:big-ip:-" } } } ], "category": "vendor", "name": "F5" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "Open Source GNU libc", "product": { "name": "Open Source GNU libc", "product_id": "190376", "product_identification_helper": { "cpe": "cpe:/a:gnu:glibc:2.17" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-8982", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8982" }, { "cve": "CVE-2015-8983", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8983" }, { "cve": "CVE-2015-8984", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8984" }, { "cve": "CVE-2015-8985", "product_status": { "known_affected": [ "T002207", "T000126", "T001663", "398363", "T012167", "T004914", "190376" ] }, "release_date": "2017-02-14T23:00:00.000+00:00", "title": "CVE-2015-8985" } ] }
ghsa-qw97-54gm-4j6w
Vulnerability from github
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
{ "affected": [], "aliases": [ "CVE-2015-8982" ], "database_specific": { "cwe_ids": [ "CWE-190" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2017-03-15T19:59:00Z", "severity": "HIGH" }, "details": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.", "id": "GHSA-qw97-54gm-4j6w", "modified": "2025-04-20T03:34:10Z", "published": "2022-05-13T01:09:05Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8982" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "type": "WEB", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed" }, { "type": "WEB", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/72602" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
suse-su-2022:14923-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for glibc", "title": "Title of the patch" }, { "category": "description", "text": "This update for glibc fixes the following issues:\n\n- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for \u0027unix\u0027 (bsc#1194768, BZ #22542)\n- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770, BZ #28768)\n- CVE-2021-3999: Fixed in getcwd to set errno to ERANGE for size == 1 (bsc#1194640, BZ #28769)\n- CVE-2015-8983: Fixed _IO_wstr_overflow integer overflow (bsc#1193615, BZ #17269)\n- CVE-2015-8982: Fixed memory handling in strxfrm_l (bsc#1193616, BZ #16009)\n", "title": "Description of the patch" }, { "category": "details", "text": "sleposp3-glibc-14923,slessp4-glibc-14923", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14923-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2022:14923-1", "url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214923-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2022:14923-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010489.html" }, { "category": "self", "summary": "SUSE Bug 1193615", "url": "https://bugzilla.suse.com/1193615" }, { "category": "self", "summary": "SUSE Bug 1193616", "url": "https://bugzilla.suse.com/1193616" }, { "category": "self", "summary": "SUSE Bug 1194640", "url": "https://bugzilla.suse.com/1194640" }, { "category": "self", "summary": "SUSE Bug 1194768", "url": "https://bugzilla.suse.com/1194768" }, { "category": "self", "summary": "SUSE Bug 1194770", "url": "https://bugzilla.suse.com/1194770" }, { "category": "self", "summary": "SUSE CVE CVE-2015-8982 page", "url": "https://www.suse.com/security/cve/CVE-2015-8982/" }, { "category": "self", "summary": "SUSE CVE CVE-2015-8983 page", "url": "https://www.suse.com/security/cve/CVE-2015-8983/" }, { "category": "self", "summary": "SUSE CVE CVE-2021-3999 page", "url": "https://www.suse.com/security/cve/CVE-2021-3999/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-23218 page", "url": "https://www.suse.com/security/cve/CVE-2022-23218/" }, { "category": "self", "summary": "SUSE CVE CVE-2022-23219 page", "url": "https://www.suse.com/security/cve/CVE-2022-23219/" } ], "title": "Security update for glibc", "tracking": { "current_release_date": "2022-03-21T08:47:58Z", "generator": { "date": "2022-03-21T08:47:58Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2022:14923-1", "initial_release_date": "2022-03-21T08:47:58Z", "revision_history": [ { "date": "2022-03-21T08:47:58Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "glibc-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-2.11.3-17.110.40.1.i586", "product_id": "glibc-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-devel-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-devel-2.11.3-17.110.40.1.i586", "product_id": "glibc-devel-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-html-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-html-2.11.3-17.110.40.1.i586", "product_id": "glibc-html-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-i18ndata-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.i586", "product_id": "glibc-i18ndata-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-info-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-info-2.11.3-17.110.40.1.i586", "product_id": "glibc-info-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-locale-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-locale-2.11.3-17.110.40.1.i586", "product_id": "glibc-locale-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "glibc-profile-2.11.3-17.110.40.1.i586", "product": { "name": "glibc-profile-2.11.3-17.110.40.1.i586", "product_id": "glibc-profile-2.11.3-17.110.40.1.i586" } }, { "category": "product_version", "name": "nscd-2.11.3-17.110.40.1.i586", "product": { "name": "nscd-2.11.3-17.110.40.1.i586", "product_id": "nscd-2.11.3-17.110.40.1.i586" } } ], "category": "architecture", "name": "i586" }, { "branches": [ { "category": "product_version", "name": "glibc-2.11.3-17.110.40.1.i686", "product": { "name": "glibc-2.11.3-17.110.40.1.i686", "product_id": "glibc-2.11.3-17.110.40.1.i686" } }, { "category": "product_version", "name": "glibc-devel-2.11.3-17.110.40.1.i686", "product": { "name": "glibc-devel-2.11.3-17.110.40.1.i686", "product_id": "glibc-devel-2.11.3-17.110.40.1.i686" } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "glibc-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-32bit-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-32bit-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-32bit-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-devel-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-devel-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-devel-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-devel-32bit-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-html-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-html-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-html-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-i18ndata-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-info-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-info-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-info-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-locale-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-locale-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-locale-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-locale-32bit-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-profile-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-profile-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-profile-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "product": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "product_id": "glibc-profile-32bit-2.11.3-17.110.40.1.ppc64" } }, { "category": "product_version", "name": "nscd-2.11.3-17.110.40.1.ppc64", "product": { "name": "nscd-2.11.3-17.110.40.1.ppc64", "product_id": "nscd-2.11.3-17.110.40.1.ppc64" } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "glibc-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-2.11.3-17.110.40.1.s390x", "product_id": "glibc-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-32bit-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-32bit-2.11.3-17.110.40.1.s390x", "product_id": "glibc-32bit-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-devel-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-devel-2.11.3-17.110.40.1.s390x", "product_id": "glibc-devel-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "product_id": "glibc-devel-32bit-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-html-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-html-2.11.3-17.110.40.1.s390x", "product_id": "glibc-html-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-i18ndata-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.s390x", "product_id": "glibc-i18ndata-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-info-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-info-2.11.3-17.110.40.1.s390x", "product_id": "glibc-info-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-locale-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-locale-2.11.3-17.110.40.1.s390x", "product_id": "glibc-locale-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "product_id": "glibc-locale-32bit-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-profile-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-profile-2.11.3-17.110.40.1.s390x", "product_id": "glibc-profile-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "product": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "product_id": "glibc-profile-32bit-2.11.3-17.110.40.1.s390x" } }, { "category": "product_version", "name": "nscd-2.11.3-17.110.40.1.s390x", "product": { "name": "nscd-2.11.3-17.110.40.1.s390x", "product_id": "nscd-2.11.3-17.110.40.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "glibc-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-32bit-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-32bit-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-32bit-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-devel-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-devel-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-devel-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-devel-32bit-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-html-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-html-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-html-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-i18ndata-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-info-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-info-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-info-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-locale-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-locale-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-locale-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-locale-32bit-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-profile-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-profile-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-profile-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "product": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "product_id": "glibc-profile-32bit-2.11.3-17.110.40.1.x86_64" } }, { "category": "product_version", "name": "nscd-2.11.3-17.110.40.1.x86_64", "product": { "name": "nscd-2.11.3-17.110.40.1.x86_64", "product_id": "nscd-2.11.3-17.110.40.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product": { "name": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-pos:11:sp3" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product": { "name": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_sles:11:sp4" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.i686 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686" }, "product_reference": "glibc-2.11.3-17.110.40.1.i686", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.i686 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.i686", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-html-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-html-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-i18ndata-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-info-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-info-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-locale-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-profile-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586" }, "product_reference": "nscd-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.i686 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686" }, "product_reference": "glibc-2.11.3-17.110.40.1.i686", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-32bit-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-32bit-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-32bit-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-32bit-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-32bit-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-32bit-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.i686 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.i686", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-devel-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-32bit-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-html-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-html-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-html-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-html-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-html-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-html-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-html-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-html-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-i18ndata-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-i18ndata-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-i18ndata-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-info-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-info-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-info-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-info-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-info-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-info-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-info-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-info-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-locale-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-locale-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-locale-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-locale-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-locale-32bit-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586" }, "product_reference": "glibc-profile-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-profile-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-profile-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-profile-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64" }, "product_reference": "glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x" }, "product_reference": "glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-32bit-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64" }, "product_reference": "glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-2.11.3-17.110.40.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586" }, "product_reference": "nscd-2.11.3-17.110.40.1.i586", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-2.11.3-17.110.40.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64" }, "product_reference": "nscd-2.11.3-17.110.40.1.ppc64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-2.11.3-17.110.40.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x" }, "product_reference": "nscd-2.11.3-17.110.40.1.s390x", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-2.11.3-17.110.40.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" }, "product_reference": "nscd-2.11.3-17.110.40.1.x86_64", "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-8982", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2015-8982" } ], "notes": [ { "category": "general", "text": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2015-8982", "url": "https://www.suse.com/security/cve/CVE-2015-8982" }, { "category": "external", "summary": "SUSE Bug 1123874 for CVE-2015-8982", "url": "https://bugzilla.suse.com/1123874" }, { "category": "external", "summary": "SUSE Bug 1193616 for CVE-2015-8982", "url": "https://bugzilla.suse.com/1193616" }, { "category": "external", "summary": "SUSE Bug 1199869 for CVE-2015-8982", "url": "https://bugzilla.suse.com/1199869" }, { "category": "external", "summary": "SUSE Bug 1200203 for CVE-2015-8982", "url": "https://bugzilla.suse.com/1200203" }, { "category": "external", "summary": "SUSE Bug 920169 for CVE-2015-8982", "url": "https://bugzilla.suse.com/920169" }, { "category": "external", "summary": "SUSE Bug 920338 for CVE-2015-8982", "url": "https://bugzilla.suse.com/920338" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-03-21T08:47:58Z", "details": "important" } ], "title": "CVE-2015-8982" }, { "cve": "CVE-2015-8983", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2015-8983" } ], "notes": [ { "category": "general", "text": "Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2015-8983", "url": "https://www.suse.com/security/cve/CVE-2015-8983" }, { "category": "external", "summary": "SUSE Bug 1123874 for CVE-2015-8983", "url": "https://bugzilla.suse.com/1123874" }, { "category": "external", "summary": "SUSE Bug 1193615 for CVE-2015-8983", "url": "https://bugzilla.suse.com/1193615" }, { "category": "external", "summary": "SUSE Bug 1199869 for CVE-2015-8983", "url": "https://bugzilla.suse.com/1199869" }, { "category": "external", "summary": "SUSE Bug 920169 for CVE-2015-8983", "url": "https://bugzilla.suse.com/920169" }, { "category": "external", "summary": "SUSE Bug 920338 for CVE-2015-8983", "url": "https://bugzilla.suse.com/920338" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-03-21T08:47:58Z", "details": "moderate" } ], "title": "CVE-2015-8983" }, { "cve": "CVE-2021-3999", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2021-3999" } ], "notes": [ { "category": "general", "text": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2021-3999", "url": "https://www.suse.com/security/cve/CVE-2021-3999" }, { "category": "external", "summary": "SUSE Bug 1194640 for CVE-2021-3999", "url": "https://bugzilla.suse.com/1194640" }, { "category": "external", "summary": "SUSE Bug 1196024 for CVE-2021-3999", "url": "https://bugzilla.suse.com/1196024" }, { "category": "external", "summary": "SUSE Bug 1196389 for CVE-2021-3999", "url": "https://bugzilla.suse.com/1196389" }, { "category": "external", "summary": "SUSE Bug 1199869 for CVE-2021-3999", "url": "https://bugzilla.suse.com/1199869" }, { "category": "external", "summary": "SUSE Bug 1200203 for CVE-2021-3999", "url": "https://bugzilla.suse.com/1200203" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-03-21T08:47:58Z", "details": "important" } ], "title": "CVE-2021-3999" }, { "cve": "CVE-2022-23218", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2022-23218" } ], "notes": [ { "category": "general", "text": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2022-23218", "url": "https://www.suse.com/security/cve/CVE-2022-23218" }, { "category": "external", "summary": "SUSE Bug 1194770 for CVE-2022-23218", "url": "https://bugzilla.suse.com/1194770" }, { "category": "external", "summary": "SUSE Bug 1199869 for CVE-2022-23218", "url": "https://bugzilla.suse.com/1199869" }, { "category": "external", "summary": "SUSE Bug 1200036 for CVE-2022-23218", "url": "https://bugzilla.suse.com/1200036" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-03-21T08:47:58Z", "details": "moderate" } ], "title": "CVE-2022-23218" }, { "cve": "CVE-2022-23219", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2022-23219" } ], "notes": [ { "category": "general", "text": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2022-23219", "url": "https://www.suse.com/security/cve/CVE-2022-23219" }, { "category": "external", "summary": "SUSE Bug 1194768 for CVE-2022-23219", "url": "https://bugzilla.suse.com/1194768" }, { "category": "external", "summary": "SUSE Bug 1199869 for CVE-2022-23219", "url": "https://bugzilla.suse.com/1199869" }, { "category": "external", "summary": "SUSE Bug 1200036 for CVE-2022-23219", "url": "https://bugzilla.suse.com/1200036" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.i686", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-devel-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-html-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-i18ndata-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-info-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-locale-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:glibc-profile-32bit-2.11.3-17.110.40.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:nscd-2.11.3-17.110.40.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2022-03-21T08:47:58Z", "details": "moderate" } ], "title": "CVE-2022-23219" } ] }
gsd-2015-8982
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2015-8982", "description": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.", "id": "GSD-2015-8982", "references": [ "https://www.suse.com/security/cve/CVE-2015-8982.html", "https://ubuntu.com/security/CVE-2015-8982" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2015-8982" ], "details": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.", "id": "GSD-2015-8982", "modified": "2023-12-13T01:20:03.948022Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8982", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20170214 Re: Pending CVE requests for glibc", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "name": "72602", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72602" }, { "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009", "refsource": "CONFIRM", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed", "refsource": "CONFIRM", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed" }, { "name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.20", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8982" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-190" } ] } ] }, "references": { "reference_data": [ { "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed" }, { "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Patch" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "name": "[oss-security] 20170214 Re: Pending CVE requests for glibc", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "name": "72602", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72602" }, { "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 5.9 } }, "lastModifiedDate": "2021-06-29T15:15Z", "publishedDate": "2017-03-15T19:59Z" } } }
cnvd-2017-04105
Vulnerability from cnvd
Title: GNU C Library整数溢出漏洞
Description:
GNU C Library(又名glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。
GNU C Library 2.21之前版本中存在整数溢出漏洞,攻击者可利用漏洞导致拒绝服务(崩溃)或可能通过长字符串执行任意代码,触发基于堆栈的缓冲区溢出。
Severity: 中
Patch Name: GNU C Library整数溢出漏洞的补丁
Patch Description:
GNU C Library(又名glibc,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。
GNU C Library 2.21之前版本中存在整数溢出漏洞,攻击者可利用漏洞导致拒绝服务(崩溃)或可能通过长字符串执行任意代码,触发基于堆栈的缓冲区溢出。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed
Reference: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed http://www.securityfocus.com/bid/72602
Name | Gnu C Library <2.21 |
---|
{ "bids": { "bid": { "bidNumber": "72602" } }, "cves": { "cve": { "cveNumber": "CVE-2015-8982", "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8982" } }, "description": "GNU C Library\uff08\u53c8\u540dglibc\uff0clibc6\uff09\u662f\u4e00\u79cd\u6309\u7167LGPL\u8bb8\u53ef\u534f\u8bae\u53d1\u5e03\u7684\u5f00\u6e90\u514d\u8d39\u7684C\u8bed\u8a00\u7f16\u8bd1\u7a0b\u5e8f\u3002 \r\n\r\nGNU C Library 2.21\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u5d29\u6e83\uff09\u6216\u53ef\u80fd\u901a\u8fc7\u957f\u5b57\u7b26\u4e32\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u89e6\u53d1\u57fa\u4e8e\u5806\u6808\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u3002", "discovererName": "Joseph Myers", "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2017-04105", "openTime": "2017-04-09", "patchDescription": "GNU C Library\uff08\u53c8\u540dglibc\uff0clibc6\uff09\u662f\u4e00\u79cd\u6309\u7167LGPL\u8bb8\u53ef\u534f\u8bae\u53d1\u5e03\u7684\u5f00\u6e90\u514d\u8d39\u7684C\u8bed\u8a00\u7f16\u8bd1\u7a0b\u5e8f\u3002 \r\n\r\nGNU C Library 2.21\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08\u5d29\u6e83\uff09\u6216\u53ef\u80fd\u901a\u8fc7\u957f\u5b57\u7b26\u4e32\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u89e6\u53d1\u57fa\u4e8e\u5806\u6808\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "GNU C Library\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "Gnu C Library \u003c2.21" }, "referenceLink": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed\r\nhttp://www.securityfocus.com/bid/72602", "serverity": "\u4e2d", "submitTime": "2017-03-16", "title": "GNU C Library\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e" }
fkie_cve-2015-8982
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA913F6A-63A0-468F-A0E0-66748E337246", "versionEndIncluding": "2.20", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n strxfrm en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.21 permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga, lo que desencadena un desbordamiento de b\u00fafer basado en pila." } ], "id": "CVE-2015-8982", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-15T19:59:00.360", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72602" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "source": "cve@mitre.org", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2015/02/13/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2017/02/14/9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72602" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.