openSUSE Security Update : graphite2 (openSUSE-2016-349)

High Nessus Plugin ID 89975

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for graphite2 fixes the following issues :

- CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

- CVE-2016-1522: Code.cpp in Libgraphite did not consider recursive load calls during a size check, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.

- CVE-2016-1523: The SillMap::readFace function in FeatureMap.cpp in Libgraphite mishandled a return value, which allowed remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.

- CVE-2016-1526: The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite incorrectly validated a size value, which allowed remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

Solution

Update the affected graphite2 packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=965803

https://bugzilla.opensuse.org/show_bug.cgi?id=965806

https://bugzilla.opensuse.org/show_bug.cgi?id=965807

https://bugzilla.opensuse.org/show_bug.cgi?id=965810

Plugin Details

Severity: High

ID: 89975

File Name: openSUSE-2016-349.nasl

Version: 2.3

Type: local

Agent: unix

Published: 2016/03/17

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS v2.0

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:graphite2, p-cpe:/a:novell:opensuse:graphite2-debuginfo, p-cpe:/a:novell:opensuse:graphite2-debugsource, p-cpe:/a:novell:opensuse:graphite2-devel, p-cpe:/a:novell:opensuse:libgraphite2-3, p-cpe:/a:novell:opensuse:libgraphite2-3-32bit, p-cpe:/a:novell:opensuse:libgraphite2-3-debuginfo, p-cpe:/a:novell:opensuse:libgraphite2-3-debuginfo-32bit, cpe:/o:novell:opensuse:13.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/03/16

Reference Information

CVE: CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526