SUSE-SU-2018:0565-1

Advisory lineage Upstream: 5 Downstream: 0

Upstream

CVE-2017-12132 CVE-2017-8804 CVE-2018-1000001 CVE-2018-6485 CVE-2018-6551

Published: 28 Feb 2018, 16:32

Last modified:04 Feb 2026, 02:27

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Feb 2018, 16:32

Published

Vulnerability first disclosed

04 Feb 2026, 02:27

Last Modified

Vulnerability information updated

Description

Security update for glibc This update for glibc fixes the following issues: Security issues: - CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930) - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791) - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036) - CVE-2018-1000001: Avoid underflow of malloced area in realpath (bsc#1074293) Also a non security issue was fixed: - Do not fail if one of the two responses to AF_UNSPEC fails (bsc#978209)

Affected Systems

suse•glibc&distro=SUSE Linux Enterprise Point of Sale 11 SP3
< 2.11.3-17.110.6.2
suse•glibc&distro=SUSE Linux Enterprise Server 11 SP3-LTSS
< 2.11.3-17.110.6.2
suse•glibc&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA
< 2.11.3-17.110.6.2
suse•glibc&distro=SUSE Linux Enterprise Server 11 SP4
< 2.11.3-17.110.6.2
suse•glibc&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
< 2.11.3-17.110.6.2
suse•glibc&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
< 2.11.3-17.110.6.2

SUSE-SU-2018:0565-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (11)