Oval Definition:oval:org.opensuse.security:def:202013848
Revision Date:2021-10-24Version:1
Title:CVE-2020-13848
Description:

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2020-13848
openSUSE-SU-2020:0805-1
openSUSE-SU-2020:0821-1
Mitre CVE-2020-13848
SUSE CVE-2020-13848
openSUSE-SU-2020:0805-1
openSUSE-SU-2020:0821-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
SUSE Package Hub for SUSE Linux Enterprise 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libupnp-devel-1.6.25-lp151.3.3.1 is installed
  • AND libupnp-devel is signed with openSUSE key
  • OR
  • libupnp6-1.6.25-lp151.3.3.1 is installed
  • AND libupnp6 is signed with openSUSE key
  • OR
  • libupnp6-32bit-1.6.25-lp151.3.3.1 is installed
  • AND libupnp6-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed
  • AND Package Information
  • libupnp-devel-1.6.25-bp151.4.3.1 is installed
  • OR libupnp6-1.6.25-bp151.4.3.1 is installed
  • OR libupnp6-64bit-1.6.25-bp151.4.3.1 is installed
    • BACK