Oval Definition:oval:org.opensuse.security:def:20183977
Revision Date:2022-06-30Version:1
Title:CVE-2018-3977
Description:

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-3977
SUSE-SU-2018:3861-1
openSUSE-SU-2018:3828-1
openSUSE-SU-2018:3896-1
openSUSE-SU-2018:3906-1
Mitre CVE-2018-3977
SUSE CVE-2018-3977
SUSE-SU-2018:3861-1
openSUSE-SU-2018:3828-1
openSUSE-SU-2018:3896-1
openSUSE-SU-2018:3906-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • SDL2_image-2.0.4-13.13 is installed
  • AND SDL2_image is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-2.0.4-13.13 is installed
  • AND libSDL2_image-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-32bit-2.0.4-13.13 is installed
  • AND libSDL2_image-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-devel-2.0.4-13.13 is installed
  • AND libSDL2_image-devel is signed with openSUSE key
  • OR
  • libSDL2_image-devel-32bit-2.0.4-13.13 is installed
  • AND libSDL2_image-devel-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • SDL_image-1.2.6-84.46 is installed
  • OR SDL_image-devel-1.2.6-84.46 is installed
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • SDL2_image-2.0.4-lp150.2.3 is installed
  • AND SDL2_image is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-2_0-0 is signed with openSUSE key
  • OR
  • libSDL2_image-2_0-0-32bit-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-2_0-0-32bit is signed with openSUSE key
  • OR
  • libSDL2_image-devel-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-devel is signed with openSUSE key
  • OR
  • libSDL2_image-devel-32bit-2.0.4-lp150.2.3 is installed
  • AND libSDL2_image-devel-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • SDL2_image-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-2_0-0-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-2_0-0-64bit-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-devel-2.0.4-bp150.3.3 is installed
  • OR libSDL2_image-devel-64bit-2.0.4-bp150.3.3 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libSDL2_image-2_0-0-2.0.5-1.14 is installed
  • OR libSDL2_image-2_0-0-32bit-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-2.0.5-1.14 is installed
  • OR libSDL2_image-devel-32bit-2.0.5-1.14 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • libSDL2_image-2_0-0-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-2_0-0-64bit-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-devel-2.0.4-bp150.3.3.1 is installed
  • OR libSDL2_image-devel-64bit-2.0.4-bp150.3.3.1 is installed
    • BACK