openSUSE Security Update : tcmu-runner (openSUSE-2017-919)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for tcmu-runner fixes the following issues :

- qcow handler opens up an information leak via the
CheckConfig D-Bus method (bsc#1049491)

- glfs handler allows local DoS via crafted CheckConfig
strings (bsc#1049485)

- UnregisterHandler dbus method in tcmu-runner daemon for
non-existing handler causes denial of service

- UnregisterHandler D-Bus method in tcmu-runner daemon for
internal handler causes denial of service (bsc#1049489)

- Memory leaks can be triggered in tcmu-runner daemon by
calling D-Bus method for (Un)RegisterHandler

This update was imported from the SUSE:SLE-12-SP3:Update update

See also :

Solution :

Update the affected tcmu-runner packages.

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 102470 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now