PT-2017-10546 · Intel+2 · Iucode-Tool+2

Published

2017-01-17

·

Updated

2024-06-15

·

CVE-2017-0357

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions iucode-tool versions 1.4 through 2.1.1
Description A heap-overflow flaw exists in the -tr loader of iucode-tool, potentially leading to SIGSEGV, or heap corruption.
Recommendations For versions 1.4 through 2.1.1, update to version 2.1.1 or later to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2017-3588
CVE-2017-0357
OPENSUSE-SU-2024:10867-1
USN-3186-1

Affected Products

Alt Linux
Ubuntu
Iucode-Tool