Oval Definition:oval:org.opensuse.security:def:20183839
Revision Date:2022-06-30Version:1
Title:CVE-2018-3839
Description:

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-3839
SUSE-SU-2018:3657-1
openSUSE-SU-2018:3828-1
openSUSE-SU-2018:3896-1
openSUSE-SU-2018:3906-1
Mitre CVE-2018-3839
SUSE CVE-2018-3839
SUSE-SU-2018:3657-1
openSUSE-SU-2018:3828-1
openSUSE-SU-2018:3896-1
openSUSE-SU-2018:3906-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • SDL_image-1.2.6-84.42 is installed
  • OR SDL_image-devel-1.2.6-84.42 is installed
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • SDL2_image-2.0.4-13.13 is installed
  • AND SDL2_image is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-2.0.4-13.13 is installed
  • AND libSDL2_image-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-32bit-2.0.4-13.13 is installed
  • AND libSDL2_image-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-devel-2.0.4-13.13 is installed
  • AND libSDL2_image-devel is signed with openSUSE key
  • OR
  • libSDL2_image-devel-32bit-2.0.4-13.13 is installed
  • AND libSDL2_image-devel-32bit is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • SDL2_image-2.0.4-lp150.2.3 is installed
  • AND SDL2_image is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-32bit-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-devel-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-devel is signed with openSUSE key
  • OR
  • libSDL2_image-devel-32bit-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-devel-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • SDL2_image-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-2_0-0-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-2_0-0-64bit-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-devel-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-devel-64bit-2.0.4-bp150.3.3 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libSDL2_image-2_0-0-2.0.5-1.14 is installed
  • OR libSDL2_image-2_0-0-32bit-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-32bit-2.0.5-1.14 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • libSDL2_image-2_0-0-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-2_0-0-64bit-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-devel-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-devel-64bit-2.0.4-bp150.3.3.1 is installed
    • BACK