OVAL Reference oval:org.opensuse.security:def:202024890

Oval Definition:

oval:org.opensuse.security:def:202024890

Revision Date:	2022-09-02	Version:	1
Title:	CVE-2020-24890
Description:	DISPUTED libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2020-24890 SUSE CVE-2020-24890
Platform(s):	SUSE Linux Enterprise Desktop 12 SP5 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP1 is installed OR SUSE Linux Enterprise Server 15 SP1 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed OR SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND libraw is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed OR SUSE Linux Enterprise Server 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed OR SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND libraw is not affected
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Workstation Extension 12 SP5 is installed AND libraw9 is not affected

BACK