vulnerability
SUSE: CVE-2018-13785: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jul 9, 2018 | Nov 28, 2018 | Oct 22, 2021 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jul 9, 2018
Added
Nov 28, 2018
Modified
Oct 22, 2021
Description
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
Solution(s)
suse-upgrade-java-1_7_0-ibmsuse-upgrade-java-1_7_0-ibm-alsasuse-upgrade-java-1_7_0-ibm-develsuse-upgrade-java-1_7_0-ibm-jdbcsuse-upgrade-java-1_7_0-ibm-pluginsuse-upgrade-java-1_7_0-openjdksuse-upgrade-java-1_7_0-openjdk-demosuse-upgrade-java-1_7_0-openjdk-develsuse-upgrade-java-1_7_0-openjdk-headlesssuse-upgrade-java-1_7_1-ibmsuse-upgrade-java-1_7_1-ibm-alsasuse-upgrade-java-1_7_1-ibm-develsuse-upgrade-java-1_7_1-ibm-jdbcsuse-upgrade-java-1_7_1-ibm-pluginsuse-upgrade-java-1_8_0-ibmsuse-upgrade-java-1_8_0-ibm-alsasuse-upgrade-java-1_8_0-ibm-develsuse-upgrade-java-1_8_0-ibm-pluginsuse-upgrade-java-1_8_0-openjdksuse-upgrade-java-1_8_0-openjdk-accessibilitysuse-upgrade-java-1_8_0-openjdk-demosuse-upgrade-java-1_8_0-openjdk-develsuse-upgrade-java-1_8_0-openjdk-headlesssuse-upgrade-java-1_8_0-openjdk-javadocsuse-upgrade-java-1_8_0-openjdk-srcsuse-upgrade-libpng16-16suse-upgrade-libpng16-16-32bitsuse-upgrade-libpng16-compat-develsuse-upgrade-libpng16-compat-devel-32bitsuse-upgrade-libpng16-develsuse-upgrade-libpng16-devel-32bitsuse-upgrade-libpng16-tools
References
- SUSE-SUSE-SU-2018:3868-1
- SUSE-SUSE-SU-2018:3920-1
- SUSE-SUSE-SU-2018:3921-1
- SUSE-SUSE-SU-2018:3933-1
- SUSE-SUSE-SU-2018:3933-2
- SUSE-SUSE-SU-2018:4064-1
- SUSE-SUSE-SU-2018:4064-2
- SUSE-SUSE-SU-2019:0049-1
- SUSE-SUSE-SU-2019:0049-2
- SUSE-SUSE-SU-2019:0057-1
- SUSE-SUSE-SU-2019:0057-2
- SUSE-SUSE-SU-2019:0058-1
- SUSE-SUSE-SU-2019:1398-1
- SUSE-SUSE-SU-2019:1398-2
- UBUNTU-USN-3712-1
- NVD-CVE-2018-13785
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.