SUSE Linux Enterprise Server vulnerabilities

472 known vulnerabilities affecting suse/linux_enterprise_server.

Total CVEs: 472
CISA KEV: 17 (actively exploited)
Public exploits: 51
Exploited in wild: 19
Severity breakdown: CRITICAL 116, HIGH 91, MEDIUM 215, LOW 50

Vulnerabilities

CVE-2015-5300 | HIGH | CVSS 7.5 | v10, v11, +1 more | 2017-07-21
CWE-361: The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests f
nvd
CVE-2015-5194 | HIGH | CVSS 7.5 | v10, v11 | 2017-07-21
CWE-20: The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
nvd
CVE-2017-1000366 | HIGH | CVSS 7.8 | PoC | v10, v11, +1 more | 2017-06-19
CWE-119: glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploita
nvd
CVE-2015-8567 | HIGH | CVSS 7.7 | v11, v12 | 2017-04-13
CWE-401: Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
nvd
CVE-2015-4680 | HIGH | CVSS 7.5 | v12 | 2017-04-05
CWE-295: FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
nvd
CVE-2016-1602 | HIGH | CVSS 7.8 | v12 | 2017-03-23
CWE-94: A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig (usually root).
nvd
CVE-2016-9398 | HIGH | CVSS 7.5 | v12 | 2017-03-23
CWE-617: The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
nvd
CVE-2014-9852 | CRITICAL | CVSS 9.8 | v12 | 2017-03-17
CWE-913: distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.
nvd
CVE-2014-9854 | HIGH | CVSS 7.5 | v11 | 2017-03-17
CWE-399: coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
nvd
CVE-2014-9853 | MEDIUM | CVSS 5.5 | v11, v12 | 2017-03-17
CWE-399: Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.
nvd
CVE-2017-5898 | MEDIUM | CVSS 5.5 | v12 | 2017-03-15
CWE-190: Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
nvd
CVE-2015-7976 | MEDIUM | CVSS 4.3 | v10, v11, +1 more | 2017-01-30
CWE-254: The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
nvd
CVE-2015-8930 | HIGH | CVSS 7.5 | v12 | 2016-09-20
CWE-20: bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
nvd
CVE-2015-8931 | HIGH | CVSS 7.8 | v12 | 2016-09-20
CWE-190: Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.
nvd
CVE-2015-8925 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-125: The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read) via a crafted mtree file, related to newline parsing.
nvd
CVE-2015-8929 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-119: Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service via a tar file.
nvd
CVE-2015-8932 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-20: The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file, which triggers an invalid left shift.
nvd
CVE-2015-8926 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-476: The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive.
nvd
CVE-2015-8933 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-190: Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted tar file.
nvd
CVE-2015-8934 | MEDIUM | CVSS 5.5 | v12 | 2016-09-20
CWE-125: The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earlier allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted rar file.
nvd