Oval Definition:oval:org.opensuse.security:def:20171000378
Revision Date:2022-05-22Version:1
Title:CVE-2017-1000378
Description:

The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects NetBSD 7.1 and possibly earlier versions.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2017-1000378
SUSE CVE-2017-1000378
Platform(s):SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND Package Information
  • kernel-default is affected
  • OR kernel-default-base is affected
  • OR kernel-default-devel is affected
  • OR kernel-default-kgraft is affected
  • OR kernel-devel is affected
  • OR kernel-macros is affected
  • OR kernel-source is affected
  • OR kernel-source-azure is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • kernel-default is affected
  • OR kernel-default-base is affected
  • OR kernel-default-devel is affected
  • OR kernel-default-kgraft is affected
  • OR kernel-devel is affected
  • OR kernel-macros is affected
  • OR kernel-source is affected
  • OR kernel-source-azure is affected
    • BACK