Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2017-15897: SUSE Linux Security Advisory

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

SUSE: CVE-2017-15897: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

12/11/2017

Created

12/14/2019

Added

12/12/2019

Modified

02/04/2022

Description

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

Solution(s)

suse-upgrade-firefox-atk-lang
suse-upgrade-firefox-gdk-pixbuf-lang
suse-upgrade-firefox-gdk-pixbuf-query-loaders
suse-upgrade-firefox-gdk-pixbuf-thumbnailer
suse-upgrade-firefox-gio-branding-upstream
suse-upgrade-firefox-glib2-lang
suse-upgrade-firefox-glib2-tools
suse-upgrade-firefox-gtk3-branding-upstream
suse-upgrade-firefox-gtk3-data
suse-upgrade-firefox-gtk3-immodule-amharic
suse-upgrade-firefox-gtk3-immodule-inuktitut
suse-upgrade-firefox-gtk3-immodule-multipress
suse-upgrade-firefox-gtk3-immodule-thai
suse-upgrade-firefox-gtk3-immodule-vietnamese
suse-upgrade-firefox-gtk3-immodule-xim
suse-upgrade-firefox-gtk3-immodules-tigrigna
suse-upgrade-firefox-gtk3-lang
suse-upgrade-firefox-gtk3-tools
suse-upgrade-firefox-libatk-1_0-0
suse-upgrade-firefox-libcairo-gobject2
suse-upgrade-firefox-libcairo2
suse-upgrade-firefox-libffi4
suse-upgrade-firefox-libffi7
suse-upgrade-firefox-libgdk_pixbuf-2_0-0
suse-upgrade-firefox-libgtk-3-0
suse-upgrade-firefox-libharfbuzz0
suse-upgrade-firefox-libpango-1_0-0
suse-upgrade-libfirefox-gio-2_0-0
suse-upgrade-libfirefox-glib-2_0-0
suse-upgrade-libfirefox-gmodule-2_0-0
suse-upgrade-libfirefox-gobject-2_0-0
suse-upgrade-libfirefox-gthread-2_0-0
suse-upgrade-libfreebl3
suse-upgrade-libfreebl3-32bit
suse-upgrade-libsoftokn3
suse-upgrade-libsoftokn3-32bit
suse-upgrade-mozilla-nspr
suse-upgrade-mozilla-nspr-32bit
suse-upgrade-mozilla-nspr-devel
suse-upgrade-mozilla-nss
suse-upgrade-mozilla-nss-32bit
suse-upgrade-mozilla-nss-certs
suse-upgrade-mozilla-nss-certs-32bit
suse-upgrade-mozilla-nss-devel
suse-upgrade-mozilla-nss-tools
suse-upgrade-mozillafirefox
suse-upgrade-mozillafirefox-branding-sled
suse-upgrade-mozillafirefox-translations-common
suse-upgrade-mozillafirefox-translations-other
suse-upgrade-nodejs10
suse-upgrade-nodejs10-devel
suse-upgrade-nodejs10-docs
suse-upgrade-nodejs8
suse-upgrade-nodejs8-devel
suse-upgrade-nodejs8-docs
suse-upgrade-npm10
suse-upgrade-npm8

References

SUSE-SU-2019:14246-1
CVE-2017-15897

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2017-15897: SUSE Linux Security Advisory

SUSE: CVE-2017-15897: SUSE Linux Security Advisory

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.