The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Red Hat Enterprise Linux

computer vulnerability announce CVE-2016-9042 CVE-2017-6451 CVE-2017-6452

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: Mac OS X, Blue Coat CAS, BIG-IP Hardware, TMOS, Fedora, FreeBSD, AIX, McAfee Web Gateway, Meinberg NTP Server, NetBSD, NTP.org, Solaris, Palo Alto Firewall PA***, PAN-OS, pfSense, RHEL, Slackware, Spectracom SecureSync, Symantec Content Analysis, Synology DSM, Synology DS***, Synology RS***, Ubuntu, VxWorks.
Severity: 2/4.
Creation date: 22/03/2017.
Revision date: 30/03/2017.
Identifiers: APPLE-SA-2017-09-25-1, bulletinapr2017, CVE-2016-9042, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, FEDORA-2017-5ebac1c112, FEDORA-2017-72323a442f, FreeBSD-SA-17:03.ntp, HT208144, K02951273, K07082049, K32262483, K-511308, K99254031, NTP-01-002, NTP-01-003, NTP-01-004, NTP-01-007, NTP-01-008, NTP-01-009, NTP-01-012, NTP-01-014, NTP-01-016, PAN-SA-2017-0022, RHSA-2017:3071-01, RHSA-2018:0855-01, SA147, SB10201, SSA:2017-112-02, TALOS-2016-0260, USN-3349-1, VIGILANCE-VUL-22217, VU#633847.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can tamper with a packet timestamp, in order to make the target's traffic be dropped. [severity:2/4; CVE-2016-9042]

An attacker can generate a buffer overflow via ntpq, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6460, NTP-01-002]

An attacker can generate a buffer overflow via mx4200_send(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6451, NTP-01-003]

An attacker can generate a buffer overflow via ctl_put(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6458, NTP-01-004]

An attacker can generate a buffer overflow via addKeysToRegistry(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6459, NTP-01-007]

An attacker can generate a buffer overflow in the MS-Windows installer, in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6452, NTP-01-008]

An attacker can define the PPSAPI_DLLS environment variable, in order to make the server run a library with high privileges. [severity:2/4; CVE-2017-6455, NTP-01-009]

An authenticated attacker can submit an invalid configuration directive, to trigger a denial of service. [severity:2/4; CVE-2017-6463, NTP-01-012]

A privileged attacker can generate a buffer overflow via datum_pts_receive(), in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2017-6462, NTP-01-014]

An authenticated attacker can submit an invalid configuration directive "mode", to trigger a denial of service. [severity:2/4; CVE-2017-6464, NTP-01-016]

vulnerability announce CVE-2017-7294

Linux kernel: buffer overflow via vmw_surface_define_ioctl

Synthesis of the vulnerability

An attacker can generate a buffer overflow via vmw_surface_define_ioctl() on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Linux, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 29/03/2017.
Identifiers: CERTFR-2017-AVI-141, CERTFR-2017-AVI-158, CERTFR-2017-AVI-162, CERTFR-2017-AVI-185, CERTFR-2017-AVI-196, CERTFR-2017-AVI-282, CERTFR-2017-AVI-311, CVE-2017-7294, DLA-922-1, openSUSE-SU-2017:1140-1, openSUSE-SU-2017:1215-1, RHSA-2018:0676-01, RHSA-2018:1062-01, SUSE-SU-2017:1183-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3291-1, USN-3291-2, USN-3291-3, USN-3293-1, USN-3335-1, USN-3342-1, USN-3342-2, USN-3343-1, USN-3343-2, VIGILANCE-VUL-22282.

Description of the vulnerability

The Linux kernel includes a video driver, vmwgfx, for guest systems running under VMware ESX.

However, if the size of data is greater than the size of the storage array, an overflow occurs in vmw_surface_define_ioctl(). This vulnerability relates to the same C routine and functionality as the vulnerability described in VIGILANCE-VUL-22260. See also VIGILANCE-VUL-22298.

An attacker can therefore generate a buffer overflow via vmw_surface_define_ioctl() on the Linux kernel, in order to trigger a denial of service, and possibly to run code.

computer vulnerability note CVE-2017-6951

Linux kernel: NULL pointer dereference via keyring_search_aux

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via keyring_search_aux() in the Linux kernel, in order to trigger a denial of service.
Impacted products: Debian, QRadar SIEM, Linux, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 17/03/2017.
Identifiers: 2011746, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CERTFR-2017-AVI-287, CERTFR-2017-AVI-288, CERTFR-2017-AVI-307, CERTFR-2017-AVI-311, CERTFR-2017-AVI-390, CVE-2017-6951, DLA-922-1, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SUSE-SU-2017:1360-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2389-1, SUSE-SU-2017:2525-1, SUSE-SU-2017:2920-1, USN-3422-1, USN-3422-2, VIGILANCE-VUL-22169.

Description of the vulnerability

The Linux kernel manages cryptographic keys, notably for use in IPsec.

However, in the "request_key" system call, the function keyring_search_aux() does not check whether a pointer is NULL, before using it.

An attacker can therefore force a NULL pointer to be dereferenced via keyring_search_aux() in the Linux kernel, in order to trigger a denial of service.

vulnerability CVE-2017-2925 CVE-2017-2926 CVE-2017-2927

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, openSUSE, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Creation date: 10/01/2017.
Revision date: 15/03/2017.
Identifiers: 1005, 1006, 1015, 1016, 1017, 3214628, APSB17-02, CERTFR-2017-AVI-006, CERTFR-2017-AVI-007, CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935, CVE-2017-2936, CVE-2017-2937, CVE-2017-2938, MS17-003, openSUSE-SU-2017:0107-1, RHSA-2017:0057-01, SUSE-SU-2017:0108-1, VIGILANCE-VUL-21540.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2017-2938]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2932]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2936]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2937]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2927]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2933]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2934]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2935]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2925]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2926]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2928]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2930]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2931]

vulnerability announce CVE-2017-6009 CVE-2017-6010 CVE-2017-6011

icoutils: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of icoutils.
Impacted products: Debian, Fedora, openSUSE Leap, RHEL, Ubuntu.
Severity: 2/4.
Creation date: 13/03/2017.
Identifiers: CVE-2017-6009, CVE-2017-6010, CVE-2017-6011, DLA-854-1, DSA-3807-1, FEDORA-2017-0e9ad12958, FEDORA-2017-e8460ebed6, openSUSE-SU-2017:2053-1, RHSA-2017:0837-01, USN-3226-1, VIGILANCE-VUL-22082.

Description of the vulnerability

Several vulnerabilities were announced in icoutils.

An attacker can generate a buffer overflow via decode_ne_resource_id(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6009]

An attacker can generate a buffer overflow via extract_icons(), in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2017-6010]

An attacker can force a read at an invalid address via simple_vec(), in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2017-6011]

computer vulnerability note CVE-2017-2624 CVE-2017-2625 CVE-2017-2626

X.Org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of X.Org.
Impacted products: Debian, Fedora, openSUSE Leap, RHEL, Ubuntu, XOrg Bundle ~ not comprehensive, libX11.
Severity: 2/4.
Creation date: 28/02/2017.
Identifiers: CVE-2017-2624, CVE-2017-2625, CVE-2017-2626, DLA-1186-1, FEDORA-2017-60c4aa0e01, FEDORA-2017-8d369659cb, FEDORA-2017-9a9328c159, FEDORA-2017-bcb1999e65, FEDORA-2017-c02eb668a7, FEDORA-2017-d068b54614, openSUSE-SU-2017:1610-1, openSUSE-SU-2017:1801-1, openSUSE-SU-2017:1802-1, RHSA-2017:1865-01, USN-3362-1, VIGILANCE-VUL-21979, X41-2017-001.

Description of the vulnerability

Several vulnerabilities were announced in X.Org.

An attacker can bypass security features via MIT Cookie Brute Force, in order to escalate his privileges. [severity:1/4; CVE-2017-2624]

An attacker can force the usage of a freed memory area via XdmToID(), in order to trigger a denial of service, and possibly to run code. [severity:2/4]

An attacker can bypass security features via libXdmcp, in order to escalate his privileges. [severity:1/4; CVE-2017-2625]

An attacker can bypass security features via libICE, in order to escalate his privileges. [severity:1/4; CVE-2017-2626]

An unknown vulnerability was announced via GenerateRandomData(). [severity:1/4]

computer vulnerability CVE-2017-3157

LibreOffice: information disclosure via object previews of linked objects

Synthesis of the vulnerability

An attacker can make a user open a LibreOffice document including links to external files, in order to get sensitive information.
Impacted products: OpenOffice, Debian, LibreOffice, RHEL, Ubuntu.
Severity: 1/4.
Creation date: 23/02/2017.
Identifiers: CVE-2017-3157, DLA-910-1, DSA-3792-1, DSA-3837-1, RHSA-2017:0914-01, RHSA-2017:0979-01, USN-3210-1, VIGILANCE-VUL-21945.

Description of the vulnerability

The programs Writer and Calc from LibreOffice can include previews of the linked or embedded objects.

A linked object may point to an external file which is not to be included in the document. However, the preview creation process will actually include a part of the linked file into the document.

An attacker can therefore make a user open a LibreOffice document including links to external files, in order to get sensitive information.

computer vulnerability bulletin CVE-2017-5845

GStreamer: out-of-bounds memory reading via gst_avi_demux_parse_ncdt

Synthesis of the vulnerability

An attacker can force a read at an invalid address via gst_avi_demux_parse_ncdt() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, Fedora, openSUSE Leap, RHEL, Ubuntu.
Severity: 2/4.
Creation date: 21/02/2017.
Identifiers: CVE-2017-5845, DSA-3820-1, FEDORA-2017-1fc4026d15, openSUSE-SU-2017:1066-1, openSUSE-SU-2017:1076-1, RHSA-2017:2060-01, USN-3245-1, VIGILANCE-VUL-21918.

Description of the vulnerability

An attacker can force a read at an invalid address via gst_avi_demux_parse_ncdt() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information.

A detailed analysis was not performed for this bulletin.

computer vulnerability announce CVE-2016-10199

GStreamer: out-of-bounds memory reading via qtdemux_tag_add_str_full

Synthesis of the vulnerability

An attacker can force a read at an invalid address via qtdemux_tag_add_str_full() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, Fedora, openSUSE Leap, RHEL, Ubuntu.
Severity: 2/4.
Creation date: 21/02/2017.
Identifiers: CVE-2016-10199, DSA-3820-1, FEDORA-2017-1fc4026d15, openSUSE-SU-2017:1066-1, openSUSE-SU-2017:1076-1, RHSA-2017:2060-01, USN-3245-1, VIGILANCE-VUL-21917.

Description of the vulnerability

An attacker can force a read at an invalid address via qtdemux_tag_add_str_full() of GStreamer, in order to trigger a denial of service, or to obtain sensitive information.

A detailed analysis was not performed for this bulletin.

vulnerability note CVE-2017-2982 CVE-2017-2984 CVE-2017-2985

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Edge, IE, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Creation date: 14/02/2017.
Revision date: 17/02/2017.
Identifiers: 1007, 1008, 1013, 1018, 4010250, APSB17-04, CERTFR-2017-AVI-051, CERTFR-2017-AVI-055, CVE-2017-2982, CVE-2017-2984, CVE-2017-2985, CVE-2017-2986, CVE-2017-2987, CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2992, CVE-2017-2993, CVE-2017-2994, CVE-2017-2995, CVE-2017-2996, MS17-005, RHSA-2017:0275-01, SUSE-SU-2017:0523-1, VIGILANCE-VUL-21834, ZDI-17-109, ZDI-17-110, ZDI-17-287.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2995, ZDI-17-109]

An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2987]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2982]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2985]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2993]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2994, ZDI-17-110, ZDI-17-287]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2986]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2992]

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2984]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2988]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2990]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2991]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2996]