SUSE-SU-2018:2883-1

Advisory lineage Upstream: 3 Downstream: 0
Published: 26 Sept 2018, 12:20
Last modified:04 Feb 2026, 04:11

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 Sept 2018, 12:20
Published
Vulnerability first disclosed
04 Feb 2026, 04:11
Last Modified
Vulnerability information updated

Description

Security update for glibc This update for glibc fixes the following security issues: - CVE-2017-15670: Prevent off-by-one error that lead to a heap-based buffer overflow in the glob function, related to the processing of home directories using the ~ operator followed by a long string (bsc#1064583) - CVE-2017-15804: The glob function contained a buffer overflow during unescaping of user names with the ~ operator (bsc#1064580) - CVE-2015-5180: res_query in libresolv allowed remote attackers to cause a denial of service (NULL pointer dereference and process crash) (bsc#941234). This non-security issue was fixed: - Fix inaccuracies in casin, cacos, casinh, cacosh (bsc#1058774)

Affected Systems

  • suseglibc&distro=SUSE Linux Enterprise Point of Sale 11 SP3

    < 2.11.3-17.110.19.2

  • suseglibc&distro=SUSE Linux Enterprise Server 11 SP3-LTSS

    < 2.11.3-17.110.19.2

  • suseglibc&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA

    < 2.11.3-17.110.19.2

  • suseglibc&distro=SUSE Linux Enterprise Server 11 SP4

    < 2.11.3-17.110.19.2

  • suseglibc&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

    < 2.11.3-17.110.19.2

  • suseglibc&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

    < 2.11.3-17.110.19.2

References (8)