Opensuse Leap vulnerabilities

CVE-2018-10930 [MEDIUM] CWE-20 CVE-2018-10930: A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume.

CVE-2018-10913 [MEDIUM] CWE-209 CVE-2018-10913: An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file.

CVE-2018-10914 [MEDIUM] CWE-476 CVE-2018-10914: It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes.

CVE-2018-16402 [CRITICAL] CWE-415 CVE-2018-16402: libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.

CVE-2018-16412 [HIGH] CWE-125 CVE-2018-16412: ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlo ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.

CVE-2018-16062 [MEDIUM] CWE-125 CVE-2018-16062: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attacker dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2018-6556 [LOW] CWE-417 CVE-2018-6556: lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). A

CVE-2018-10916 [MEDIUM] CWE-20 CVE-2018-10916: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current worki

CVE-2016-9597 [HIGH] CVE-2016-9597: It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actua It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

CVE-2018-14523 [HIGH] CWE-125 CVE-2018-14523: An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pit An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVE-2018-14522 [HIGH] CWE-119 CVE-2018-14522: An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pit An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVE-2018-10861 [HIGH] CWE-285 CVE-2018-10861: A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.

CVE-2018-1128 [HIGH] CWE-294 CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulner It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, lumino

CVE-2018-1129 [MEDIUM] CWE-284 CVE-2018-1129: A flaw was found in the way signature calculation was handled by cephx authentication protocol. An a A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.

CVE-2018-1000613 [CRITICAL] CWE-470 CVE-2018-1000613: Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not in Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result

CVE-2018-10892 [MEDIUM] CWE-250 CVE-2018-10892: The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not b The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.

CVE-2018-12910 [CRITICAL] CWE-125 CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

CVE-2018-13096 [MEDIUM] CWE-125 CVE-2018-13096: An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (ou An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.

CVE-2018-13099 [MEDIUM] CWE-125 CVE-2018-13099: An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (ou An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

CVE-2018-10360 [MEDIUM] CWE-125 CVE-2018-10360: The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.