{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for dwarves and elfutils","title":"Title of the patch"},{"category":"description","text":"This update for dwarves and elfutils fixes the following issues:\n\nelfutils was updated to version 0.177 (jsc#SLE-24501):\n \n- elfclassify: New tool to analyze ELF objects.\n- readelf: Print DW_AT_data_member_location as decimal offset.\n Decode DW_AT_discr_list block attributes.\n- libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias.\n- libdwelf: Add dwelf_elf_e_machine_string.\n dwelf_elf_begin now only returns NULL when there is an error\n reading or decompressing a file. If the file is not an ELF file\n an ELF handle of type ELF_K_NONE is returned.\n- backends: Add support for C-SKY.\n \nUpdate to version 0.176:\n\n- build: Add new --enable-install-elfh option.\n Do NOT use this for system installs (it overrides glibc elf.h).\n- backends: riscv improved core file and return value location support.\n- Fixes:\n - CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7664 - CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685)\n - CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (CVE is a bit misleading, as this is not a bug in libelf as described) (bsc#1125007)\n \nUpdate to version 0.175:\n \n- readelf: Handle mutliple .debug_macro sections.\n Recognize and parse GNU Property, NT_VERSION and\n GNU Build Attribute ELF Notes.\n- strip: Handle SHT_GROUP correctly.\n Add strip --reloc-debug-sections-only option.\n Handle relocations against GNU compressed sections.\n- libdwelf: New function dwelf_elf_begin.\n- libcpu: Recognize bpf jump variants BPF_JLT, BPF_JLE, BPF_JSLT\n and BPF_JSLE.\n backends: RISCV handles ADD/SUB relocations.\n Handle SHT_X86_64_UNWIND.\n - CVE-2018-18521: arlib: Divide-by-zero vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723)\n - CVE-2018-18310: Invalid Address Read problem in dwfl_segment_report_module.c (bsc#1111973)\n - CVE-2018-18520: eu-size: Bad handling of ar files inside are files (bsc#1112726)\n \nUpdate to version 0.174:\n \n- libelf, libdw and all tools now handle extended shnum and\n shstrndx correctly.\n \n- elfcompress: Don't rewrite input file if no section data needs\n updating. Try harder to keep same file mode bits\n (suid) on rewrite.\n- strip: Handle mixed (out of order) allocated/non-allocated sections.\n- unstrip: Handle SHT_GROUP sections.\n- backends: RISCV and M68K now have backend implementations to\n generate CFI based backtraces.\n- Fixes:\n - CVE-2018-16402: libelf: denial of service/double free on an attempt to decompress the same section twice (bsc#1107066) Double-free crash in nm and readelf\n - CVE-2018-16403: heap buffer overflow in readelf (bsc#1107067)\n - CVE-2018-16062: heap-buffer-overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390)\n \nUpdate to version 0.173:\n \n- More fixes for crashes and hangs found by afl-fuzz. In particular various\n functions now detect and break infinite loops caused by bad DIE tree cycles.\n- readelf: Will now lookup the size and signedness of constant value types\n to display them correctly (and not just how they were encoded).\n- libdw: New function dwarf_next_lines to read CU-less .debug_line data.\n dwarf_begin_elf now accepts ELF files containing just .debug_line\n or .debug_frame sections (which can be read without needing a DIE\n tree from the .debug_info section).\n Removed dwarf_getscn_info, which was never implemented.\n- backends: Handle BPF simple relocations.\n The RISCV backends now handles ABI specific CFI and knows about\n RISCV register types and names.\n \nUpdate to version 0.172:\n \n- Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data.\n Thanks to running the afl fuzzer on eu-readelf and various testcases.\n \nUpdate to version 0.171:\n \n- DWARF5 and split dwarf, including GNU DebugFission, are supported now.\n Data can be read from the new DWARF sections .debug_addr, .debug_line_str,\n .debug_loclists, .debug_str_offsets and .debug_rnglists. Plus the new\n DWARF5 and GNU DebugFission encodings of the existing .debug sections.\n Also in split DWARF .dwo (DWARF object) files. This support is mostly\n handled by existing functions (dwarf_getlocation*, dwarf_getsrclines,\n dwarf_ranges, dwarf_form*, etc.) now returning the data from the new\n sections and data formats. But some new functions have been added\n to more easily get information about skeleton and split compile units\n (dwarf_get_units and dwarf_cu_info), handle new attribute data\n (dwarf_getabbrevattr_data) and to keep references to Dwarf_Dies\n that might come from different sections or files (dwarf_die_addr_die).\n- Not yet supported are .dwp (Dwarf Package) and .sup (Dwarf Supplementary)\n files, the .debug_names index, the .debug_cu_index and .debug_tu_index\n sections. Only a single .debug_info (and .debug_types) section are\n currently handled.\n- readelf: Handle all new DWARF5 sections.\n --debug-dump=info+ will show split unit DIEs when found.\n --dwarf-skeleton can be used when inspecting a .dwo file.\n Recognizes GNU locviews with --debug-dump=loc.\n- libdw: New functions dwarf_die_addr_die, dwarf_get_units,\n dwarf_getabbrevattr_data and dwarf_cu_info.\n libdw will now try to resolve the alt file on first use of\n an alt attribute FORM when not set yet with dwarf_set_alt.\n dwarf_aggregate_size() now works with multi-dimensional arrays.\n- libdwfl: Use process_vm_readv when available instead of ptrace.\n backends: Add a RISC-V backend.\n \n There were various improvements to build on Windows.\n The sha1 and md5 implementations have been removed, they weren't used.\n\nUpdate to version 0.170:\n\n- libdw: Added new DWARF5 attribute, tag, character encoding, language code,\n calling convention, defaulted member function and macro constants\n to dwarf.h.\n\t New functions dwarf_default_lower_bound and dwarf_line_file.\n \t dwarf_peel_type now handles DWARF5 immutable, packed and shared tags.\n \t dwarf_getmacros now handles DWARF5 .debug_macro sections.\n- strip: Add -R, --remove-section=SECTION and --keep-section=SECTION.\n- backends: The bpf disassembler is now always build on all platforms.\n\nUpdate to version 0.169:\n\n- backends: Add support for EM_PPC64 GNU_ATTRIBUTES.\n Frame pointer unwinding fallback support for i386, x86_64, aarch64.\n- translations: Update Polish translation.\n - CVE-2017-7611: elfutils: DoS (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033088)\n - CVE-2017-7610: elflint: heap-based buffer overflow in check_group (bsc#1033087)\n - CVE-2017-7609: memory allocation failure in __libelf_decompress (bsc#1033086)\n - CVE-2017-7607: heap-based buffer overflow in handle_gnu_hashi (readelf.c) (bsc#1033084)\n - CVE-2017-7608: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c) (bsc#1033085)\n - CVE-2017-7613: elfutils: denial of service (memory consumption) via a crafted ELF file (bsc#1033090)\n - CVE-2017-7612: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file (bsc#1033089)\n- Don't make elfutils recommend elfutils-lang as elfutils-lang\n already supplements elfutils.\n\ndwarves is shipped new in version 1.22 to provide tooling for use by the Linux Kernel BTF verification framework.\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2022-2614,openSUSE-Leap-Micro-5.2-2022-2614","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2614-2.json"},{"category":"self","summary":"URL for SUSE-SU-2022:2614-2","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20222614-2/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2022:2614-2","url":"https://lists.suse.com/pipermail/sle-security-updates/2022-September/012057.html"},{"category":"self","summary":"SUSE Bug 1033084","url":"https://bugzilla.suse.com/1033084"},{"category":"self","summary":"SUSE Bug 1033085","url":"https://bugzilla.suse.com/1033085"},{"category":"self","summary":"SUSE Bug 1033086","url":"https://bugzilla.suse.com/1033086"},{"category":"self","summary":"SUSE Bug 1033087","url":"https://bugzilla.suse.com/1033087"},{"category":"self","summary":"SUSE Bug 1033088","url":"https://bugzilla.suse.com/1033088"},{"category":"self","summary":"SUSE Bug 1033089","url":"https://bugzilla.suse.com/1033089"},{"category":"self","summary":"SUSE Bug 1033090","url":"https://bugzilla.suse.com/1033090"},{"category":"self","summary":"SUSE Bug 1082318","url":"https://bugzilla.suse.com/1082318"},{"category":"self","summary":"SUSE Bug 1104264","url":"https://bugzilla.suse.com/1104264"},{"category":"self","summary":"SUSE Bug 1106390","url":"https://bugzilla.suse.com/1106390"},{"category":"self","summary":"SUSE Bug 1107066","url":"https://bugzilla.suse.com/1107066"},{"category":"self","summary":"SUSE Bug 1107067","url":"https://bugzilla.suse.com/1107067"},{"category":"self","summary":"SUSE Bug 1111973","url":"https://bugzilla.suse.com/1111973"},{"category":"self","summary":"SUSE Bug 1112723","url":"https://bugzilla.suse.com/1112723"},{"category":"self","summary":"SUSE Bug 1112726","url":"https://bugzilla.suse.com/1112726"},{"category":"self","summary":"SUSE Bug 1123685","url":"https://bugzilla.suse.com/1123685"},{"category":"self","summary":"SUSE Bug 1125007","url":"https://bugzilla.suse.com/1125007"},{"category":"self","summary":"SUSE CVE CVE-2017-7607 page","url":"https://www.suse.com/security/cve/CVE-2017-7607/"},{"category":"self","summary":"SUSE CVE CVE-2017-7608 page","url":"https://www.suse.com/security/cve/CVE-2017-7608/"},{"category":"self","summary":"SUSE CVE CVE-2017-7609 page","url":"https://www.suse.com/security/cve/CVE-2017-7609/"},{"category":"self","summary":"SUSE CVE CVE-2017-7610 page","url":"https://www.suse.com/security/cve/CVE-2017-7610/"},{"category":"self","summary":"SUSE CVE CVE-2017-7611 page","url":"https://www.suse.com/security/cve/CVE-2017-7611/"},{"category":"self","summary":"SUSE CVE CVE-2017-7612 page","url":"https://www.suse.com/security/cve/CVE-2017-7612/"},{"category":"self","summary":"SUSE CVE CVE-2017-7613 page","url":"https://www.suse.com/security/cve/CVE-2017-7613/"},{"category":"self","summary":"SUSE CVE CVE-2018-16062 page","url":"https://www.suse.com/security/cve/CVE-2018-16062/"},{"category":"self","summary":"SUSE CVE CVE-2018-16402 page","url":"https://www.suse.com/security/cve/CVE-2018-16402/"},{"category":"self","summary":"SUSE CVE CVE-2018-16403 page","url":"https://www.suse.com/security/cve/CVE-2018-16403/"},{"category":"self","summary":"SUSE CVE CVE-2018-18310 page","url":"https://www.suse.com/security/cve/CVE-2018-18310/"},{"category":"self","summary":"SUSE CVE CVE-2018-18520 page","url":"https://www.suse.com/security/cve/CVE-2018-18520/"},{"category":"self","summary":"SUSE CVE CVE-2018-18521 page","url":"https://www.suse.com/security/cve/CVE-2018-18521/"},{"category":"self","summary":"SUSE CVE CVE-2019-7146 page","url":"https://www.suse.com/security/cve/CVE-2019-7146/"},{"category":"self","summary":"SUSE CVE CVE-2019-7148 page","url":"https://www.suse.com/security/cve/CVE-2019-7148/"},{"category":"self","summary":"SUSE CVE CVE-2019-7149 page","url":"https://www.suse.com/security/cve/CVE-2019-7149/"},{"category":"self","summary":"SUSE CVE CVE-2019-7150 page","url":"https://www.suse.com/security/cve/CVE-2019-7150/"},{"category":"self","summary":"SUSE CVE CVE-2019-7664 page","url":"https://www.suse.com/security/cve/CVE-2019-7664/"},{"category":"self","summary":"SUSE CVE CVE-2019-7665 page","url":"https://www.suse.com/security/cve/CVE-2019-7665/"}],"title":"Security update for dwarves and elfutils","tracking":{"current_release_date":"2022-08-01T08:41:26Z","generator":{"date":"2022-08-01T08:41:26Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2022:2614-2","initial_release_date":"2022-08-01T08:41:26Z","revision_history":[{"date":"2022-08-01T08:41:26Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"dwarves-1.22-150300.7.3.1.aarch64","product":{"name":"dwarves-1.22-150300.7.3.1.aarch64","product_id":"dwarves-1.22-150300.7.3.1.aarch64"}},{"category":"product_version","name":"elfutils-0.177-150300.11.3.1.aarch64","product":{"name":"elfutils-0.177-150300.11.3.1.aarch64","product_id":"elfutils-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libasm-devel-0.177-150300.11.3.1.aarch64","product":{"name":"libasm-devel-0.177-150300.11.3.1.aarch64","product_id":"libasm-devel-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libasm1-0.177-150300.11.3.1.aarch64","product":{"name":"libasm1-0.177-150300.11.3.1.aarch64","product_id":"libasm1-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libdw-devel-0.177-150300.11.3.1.aarch64","product":{"name":"libdw-devel-0.177-150300.11.3.1.aarch64","product_id":"libdw-devel-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libdw1-0.177-150300.11.3.1.aarch64","product":{"name":"libdw1-0.177-150300.11.3.1.aarch64","product_id":"libdw1-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libdwarves-devel-1.22-150300.7.3.1.aarch64","product":{"name":"libdwarves-devel-1.22-150300.7.3.1.aarch64","product_id":"libdwarves-devel-1.22-150300.7.3.1.aarch64"}},{"category":"product_version","name":"libdwarves1-1.22-150300.7.3.1.aarch64","product":{"name":"libdwarves1-1.22-150300.7.3.1.aarch64","product_id":"libdwarves1-1.22-150300.7.3.1.aarch64"}},{"category":"product_version","name":"libebl-devel-0.177-150300.11.3.1.aarch64","product":{"name":"libebl-devel-0.177-150300.11.3.1.aarch64","product_id":"libebl-devel-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libebl-plugins-0.177-150300.11.3.1.aarch64","product":{"name":"libebl-plugins-0.177-150300.11.3.1.aarch64","product_id":"libebl-plugins-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libelf-devel-0.177-150300.11.3.1.aarch64","product":{"name":"libelf-devel-0.177-150300.11.3.1.aarch64","product_id":"libelf-devel-0.177-150300.11.3.1.aarch64"}},{"category":"product_version","name":"libelf1-0.177-150300.11.3.1.aarch64","product":{"name":"libelf1-0.177-150300.11.3.1.aarch64","product_id":"libelf1-0.177-150300.11.3.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"libasm1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product":{"name":"libasm1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product_id":"libasm1-64bit-0.177-150300.11.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libdw1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product":{"name":"libdw1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product_id":"libdw1-64bit-0.177-150300.11.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libdwarves-devel-64bit-1.22-150300.7.3.1.aarch64_ilp32","product":{"name":"libdwarves-devel-64bit-1.22-150300.7.3.1.aarch64_ilp32","product_id":"libdwarves-devel-64bit-1.22-150300.7.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libdwarves1-64bit-1.22-150300.7.3.1.aarch64_ilp32","product":{"name":"libdwarves1-64bit-1.22-150300.7.3.1.aarch64_ilp32","product_id":"libdwarves1-64bit-1.22-150300.7.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libebl-plugins-64bit-0.177-150300.11.3.1.aarch64_ilp32","product":{"name":"libebl-plugins-64bit-0.177-150300.11.3.1.aarch64_ilp32","product_id":"libebl-plugins-64bit-0.177-150300.11.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libelf-devel-64bit-0.177-150300.11.3.1.aarch64_ilp32","product":{"name":"libelf-devel-64bit-0.177-150300.11.3.1.aarch64_ilp32","product_id":"libelf-devel-64bit-0.177-150300.11.3.1.aarch64_ilp32"}},{"category":"product_version","name":"libelf1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product":{"name":"libelf1-64bit-0.177-150300.11.3.1.aarch64_ilp32","product_id":"libelf1-64bit-0.177-150300.11.3.1.aarch64_ilp32"}}],"category":"architecture","name":"aarch64_ilp32"},{"branches":[{"category":"product_version","name":"dwarves-1.22-150300.7.3.1.i586","product":{"name":"dwarves-1.22-150300.7.3.1.i586","product_id":"dwarves-1.22-150300.7.3.1.i586"}},{"category":"product_version","name":"elfutils-0.177-150300.11.3.1.i586","product":{"name":"elfutils-0.177-150300.11.3.1.i586","product_id":"elfutils-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libasm-devel-0.177-150300.11.3.1.i586","product":{"name":"libasm-devel-0.177-150300.11.3.1.i586","product_id":"libasm-devel-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libasm1-0.177-150300.11.3.1.i586","product":{"name":"libasm1-0.177-150300.11.3.1.i586","product_id":"libasm1-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libdw-devel-0.177-150300.11.3.1.i586","product":{"name":"libdw-devel-0.177-150300.11.3.1.i586","product_id":"libdw-devel-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libdw1-0.177-150300.11.3.1.i586","product":{"name":"libdw1-0.177-150300.11.3.1.i586","product_id":"libdw1-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libdwarves-devel-1.22-150300.7.3.1.i586","product":{"name":"libdwarves-devel-1.22-150300.7.3.1.i586","product_id":"libdwarves-devel-1.22-150300.7.3.1.i586"}},{"category":"product_version","name":"libdwarves1-1.22-150300.7.3.1.i586","product":{"name":"libdwarves1-1.22-150300.7.3.1.i586","product_id":"libdwarves1-1.22-150300.7.3.1.i586"}},{"category":"product_version","name":"libebl-devel-0.177-150300.11.3.1.i586","product":{"name":"libebl-devel-0.177-150300.11.3.1.i586","product_id":"libebl-devel-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libebl-plugins-0.177-150300.11.3.1.i586","product":{"name":"libebl-plugins-0.177-150300.11.3.1.i586","product_id":"libebl-plugins-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libelf-devel-0.177-150300.11.3.1.i586","product":{"name":"libelf-devel-0.177-150300.11.3.1.i586","product_id":"libelf-devel-0.177-150300.11.3.1.i586"}},{"category":"product_version","name":"libelf1-0.177-150300.11.3.1.i586","product":{"name":"libelf1-0.177-150300.11.3.1.i586","product_id":"libelf1-0.177-150300.11.3.1.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"elfutils-lang-0.177-150300.11.3.1.noarch","product":{"name":"elfutils-lang-0.177-150300.11.3.1.noarch","product_id":"elfutils-lang-0.177-150300.11.3.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"dwarves-1.22-150300.7.3.1.ppc64le","product":{"name":"dwarves-1.22-150300.7.3.1.ppc64le","product_id":"dwarves-1.22-150300.7.3.1.ppc64le"}},{"category":"product_version","name":"elfutils-0.177-150300.11.3.1.ppc64le","product":{"name":"elfutils-0.177-150300.11.3.1.ppc64le","product_id":"elfutils-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libasm-devel-0.177-150300.11.3.1.ppc64le","product":{"name":"libasm-devel-0.177-150300.11.3.1.ppc64le","product_id":"libasm-devel-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libasm1-0.177-150300.11.3.1.ppc64le","product":{"name":"libasm1-0.177-150300.11.3.1.ppc64le","product_id":"libasm1-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libdw-devel-0.177-150300.11.3.1.ppc64le","product":{"name":"libdw-devel-0.177-150300.11.3.1.ppc64le","product_id":"libdw-devel-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libdw1-0.177-150300.11.3.1.ppc64le","product":{"name":"libdw1-0.177-150300.11.3.1.ppc64le","product_id":"libdw1-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libdwarves-devel-1.22-150300.7.3.1.ppc64le","product":{"name":"libdwarves-devel-1.22-150300.7.3.1.ppc64le","product_id":"libdwarves-devel-1.22-150300.7.3.1.ppc64le"}},{"category":"product_version","name":"libdwarves1-1.22-150300.7.3.1.ppc64le","product":{"name":"libdwarves1-1.22-150300.7.3.1.ppc64le","product_id":"libdwarves1-1.22-150300.7.3.1.ppc64le"}},{"category":"product_version","name":"libebl-devel-0.177-150300.11.3.1.ppc64le","product":{"name":"libebl-devel-0.177-150300.11.3.1.ppc64le","product_id":"libebl-devel-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libebl-plugins-0.177-150300.11.3.1.ppc64le","product":{"name":"libebl-plugins-0.177-150300.11.3.1.ppc64le","product_id":"libebl-plugins-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libelf-devel-0.177-150300.11.3.1.ppc64le","product":{"name":"libelf-devel-0.177-150300.11.3.1.ppc64le","product_id":"libelf-devel-0.177-150300.11.3.1.ppc64le"}},{"category":"product_version","name":"libelf1-0.177-150300.11.3.1.ppc64le","product":{"name":"libelf1-0.177-150300.11.3.1.ppc64le","product_id":"libelf1-0.177-150300.11.3.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"dwarves-1.22-150300.7.3.1.s390x","product":{"name":"dwarves-1.22-150300.7.3.1.s390x","product_id":"dwarves-1.22-150300.7.3.1.s390x"}},{"category":"product_version","name":"elfutils-0.177-150300.11.3.1.s390x","product":{"name":"elfutils-0.177-150300.11.3.1.s390x","product_id":"elfutils-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libasm-devel-0.177-150300.11.3.1.s390x","product":{"name":"libasm-devel-0.177-150300.11.3.1.s390x","product_id":"libasm-devel-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libasm1-0.177-150300.11.3.1.s390x","product":{"name":"libasm1-0.177-150300.11.3.1.s390x","product_id":"libasm1-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libdw-devel-0.177-150300.11.3.1.s390x","product":{"name":"libdw-devel-0.177-150300.11.3.1.s390x","product_id":"libdw-devel-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libdw1-0.177-150300.11.3.1.s390x","product":{"name":"libdw1-0.177-150300.11.3.1.s390x","product_id":"libdw1-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libdwarves-devel-1.22-150300.7.3.1.s390x","product":{"name":"libdwarves-devel-1.22-150300.7.3.1.s390x","product_id":"libdwarves-devel-1.22-150300.7.3.1.s390x"}},{"category":"product_version","name":"libdwarves1-1.22-150300.7.3.1.s390x","product":{"name":"libdwarves1-1.22-150300.7.3.1.s390x","product_id":"libdwarves1-1.22-150300.7.3.1.s390x"}},{"category":"product_version","name":"libebl-devel-0.177-150300.11.3.1.s390x","product":{"name":"libebl-devel-0.177-150300.11.3.1.s390x","product_id":"libebl-devel-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libebl-plugins-0.177-150300.11.3.1.s390x","product":{"name":"libebl-plugins-0.177-150300.11.3.1.s390x","product_id":"libebl-plugins-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libelf-devel-0.177-150300.11.3.1.s390x","product":{"name":"libelf-devel-0.177-150300.11.3.1.s390x","product_id":"libelf-devel-0.177-150300.11.3.1.s390x"}},{"category":"product_version","name":"libelf1-0.177-150300.11.3.1.s390x","product":{"name":"libelf1-0.177-150300.11.3.1.s390x","product_id":"libelf1-0.177-150300.11.3.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"dwarves-1.22-150300.7.3.1.x86_64","product":{"name":"dwarves-1.22-150300.7.3.1.x86_64","product_id":"dwarves-1.22-150300.7.3.1.x86_64"}},{"category":"product_version","name":"elfutils-0.177-150300.11.3.1.x86_64","product":{"name":"elfutils-0.177-150300.11.3.1.x86_64","product_id":"elfutils-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libasm-devel-0.177-150300.11.3.1.x86_64","product":{"name":"libasm-devel-0.177-150300.11.3.1.x86_64","product_id":"libasm-devel-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libasm1-0.177-150300.11.3.1.x86_64","product":{"name":"libasm1-0.177-150300.11.3.1.x86_64","product_id":"libasm1-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libasm1-32bit-0.177-150300.11.3.1.x86_64","product":{"name":"libasm1-32bit-0.177-150300.11.3.1.x86_64","product_id":"libasm1-32bit-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libdw-devel-0.177-150300.11.3.1.x86_64","product":{"name":"libdw-devel-0.177-150300.11.3.1.x86_64","product_id":"libdw-devel-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libdw1-0.177-150300.11.3.1.x86_64","product":{"name":"libdw1-0.177-150300.11.3.1.x86_64","product_id":"libdw1-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libdw1-32bit-0.177-150300.11.3.1.x86_64","product":{"name":"libdw1-32bit-0.177-150300.11.3.1.x86_64","product_id":"libdw1-32bit-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libdwarves-devel-1.22-150300.7.3.1.x86_64","product":{"name":"libdwarves-devel-1.22-150300.7.3.1.x86_64","product_id":"libdwarves-devel-1.22-150300.7.3.1.x86_64"}},{"category":"product_version","name":"libdwarves-devel-32bit-1.22-150300.7.3.1.x86_64","product":{"name":"libdwarves-devel-32bit-1.22-150300.7.3.1.x86_64","product_id":"libdwarves-devel-32bit-1.22-150300.7.3.1.x86_64"}},{"category":"product_version","name":"libdwarves1-1.22-150300.7.3.1.x86_64","product":{"name":"libdwarves1-1.22-150300.7.3.1.x86_64","product_id":"libdwarves1-1.22-150300.7.3.1.x86_64"}},{"category":"product_version","name":"libdwarves1-32bit-1.22-150300.7.3.1.x86_64","product":{"name":"libdwarves1-32bit-1.22-150300.7.3.1.x86_64","product_id":"libdwarves1-32bit-1.22-150300.7.3.1.x86_64"}},{"category":"product_version","name":"libebl-devel-0.177-150300.11.3.1.x86_64","product":{"name":"libebl-devel-0.177-150300.11.3.1.x86_64","product_id":"libebl-devel-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libebl-plugins-0.177-150300.11.3.1.x86_64","product":{"name":"libebl-plugins-0.177-150300.11.3.1.x86_64","product_id":"libebl-plugins-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libebl-plugins-32bit-0.177-150300.11.3.1.x86_64","product":{"name":"libebl-plugins-32bit-0.177-150300.11.3.1.x86_64","product_id":"libebl-plugins-32bit-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libelf-devel-0.177-150300.11.3.1.x86_64","product":{"name":"libelf-devel-0.177-150300.11.3.1.x86_64","product_id":"libelf-devel-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libelf-devel-32bit-0.177-150300.11.3.1.x86_64","product":{"name":"libelf-devel-32bit-0.177-150300.11.3.1.x86_64","product_id":"libelf-devel-32bit-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libelf1-0.177-150300.11.3.1.x86_64","product":{"name":"libelf1-0.177-150300.11.3.1.x86_64","product_id":"libelf1-0.177-150300.11.3.1.x86_64"}},{"category":"product_version","name":"libelf1-32bit-0.177-150300.11.3.1.x86_64","product":{"name":"libelf1-32bit-0.177-150300.11.3.1.x86_64","product_id":"libelf1-32bit-0.177-150300.11.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Leap Micro 5.2","product":{"name":"openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap-micro:5.2"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"dwarves-1.22-150300.7.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64"},"product_reference":"dwarves-1.22-150300.7.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"dwarves-1.22-150300.7.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64"},"product_reference":"dwarves-1.22-150300.7.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"elfutils-0.177-150300.11.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64"},"product_reference":"elfutils-0.177-150300.11.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"elfutils-0.177-150300.11.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64"},"product_reference":"elfutils-0.177-150300.11.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libasm1-0.177-150300.11.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64"},"product_reference":"libasm1-0.177-150300.11.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libasm1-0.177-150300.11.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64"},"product_reference":"libasm1-0.177-150300.11.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdw1-0.177-150300.11.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64"},"product_reference":"libdw1-0.177-150300.11.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdw1-0.177-150300.11.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64"},"product_reference":"libdw1-0.177-150300.11.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdwarves-devel-1.22-150300.7.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64"},"product_reference":"libdwarves-devel-1.22-150300.7.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdwarves-devel-1.22-150300.7.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64"},"product_reference":"libdwarves-devel-1.22-150300.7.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdwarves1-1.22-150300.7.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64"},"product_reference":"libdwarves1-1.22-150300.7.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libdwarves1-1.22-150300.7.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64"},"product_reference":"libdwarves1-1.22-150300.7.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libebl-plugins-0.177-150300.11.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64"},"product_reference":"libebl-plugins-0.177-150300.11.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libebl-plugins-0.177-150300.11.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64"},"product_reference":"libebl-plugins-0.177-150300.11.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libelf1-0.177-150300.11.3.1.aarch64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64"},"product_reference":"libelf1-0.177-150300.11.3.1.aarch64","relates_to_product_reference":"openSUSE Leap Micro 5.2"},{"category":"default_component_of","full_product_name":{"name":"libelf1-0.177-150300.11.3.1.x86_64 as component of openSUSE Leap Micro 5.2","product_id":"openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"},"product_reference":"libelf1-0.177-150300.11.3.1.x86_64","relates_to_product_reference":"openSUSE Leap Micro 5.2"}]},"vulnerabilities":[{"cve":"CVE-2017-7607","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7607"}],"notes":[{"category":"general","text":"The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7607","url":"https://www.suse.com/security/cve/CVE-2017-7607"},{"category":"external","summary":"SUSE Bug 1033084 for CVE-2017-7607","url":"https://bugzilla.suse.com/1033084"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"moderate"}],"title":"CVE-2017-7607"},{"cve":"CVE-2017-7608","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7608"}],"notes":[{"category":"general","text":"The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7608","url":"https://www.suse.com/security/cve/CVE-2017-7608"},{"category":"external","summary":"SUSE Bug 1033085 for CVE-2017-7608","url":"https://bugzilla.suse.com/1033085"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7608"},{"cve":"CVE-2017-7609","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7609"}],"notes":[{"category":"general","text":"elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7609","url":"https://www.suse.com/security/cve/CVE-2017-7609"},{"category":"external","summary":"SUSE Bug 1033086 for CVE-2017-7609","url":"https://bugzilla.suse.com/1033086"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7609"},{"cve":"CVE-2017-7610","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7610"}],"notes":[{"category":"general","text":"The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7610","url":"https://www.suse.com/security/cve/CVE-2017-7610"},{"category":"external","summary":"SUSE Bug 1033087 for CVE-2017-7610","url":"https://bugzilla.suse.com/1033087"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7610"},{"cve":"CVE-2017-7611","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7611"}],"notes":[{"category":"general","text":"The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7611","url":"https://www.suse.com/security/cve/CVE-2017-7611"},{"category":"external","summary":"SUSE Bug 1033088 for CVE-2017-7611","url":"https://bugzilla.suse.com/1033088"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7611"},{"cve":"CVE-2017-7612","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7612"}],"notes":[{"category":"general","text":"The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7612","url":"https://www.suse.com/security/cve/CVE-2017-7612"},{"category":"external","summary":"SUSE Bug 1033089 for CVE-2017-7612","url":"https://bugzilla.suse.com/1033089"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7612"},{"cve":"CVE-2017-7613","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-7613"}],"notes":[{"category":"general","text":"elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-7613","url":"https://www.suse.com/security/cve/CVE-2017-7613"},{"category":"external","summary":"SUSE Bug 1033090 for CVE-2017-7613","url":"https://bugzilla.suse.com/1033090"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2017-7613"},{"cve":"CVE-2018-16062","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-16062"}],"notes":[{"category":"general","text":"dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-16062","url":"https://www.suse.com/security/cve/CVE-2018-16062"},{"category":"external","summary":"SUSE Bug 1106390 for CVE-2018-16062","url":"https://bugzilla.suse.com/1106390"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"moderate"}],"title":"CVE-2018-16062"},{"cve":"CVE-2018-16402","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-16402"}],"notes":[{"category":"general","text":"libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-16402","url":"https://www.suse.com/security/cve/CVE-2018-16402"},{"category":"external","summary":"SUSE Bug 1107066 for CVE-2018-16402","url":"https://bugzilla.suse.com/1107066"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"moderate"}],"title":"CVE-2018-16402"},{"cve":"CVE-2018-16403","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-16403"}],"notes":[{"category":"general","text":"libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-16403","url":"https://www.suse.com/security/cve/CVE-2018-16403"},{"category":"external","summary":"SUSE Bug 1107067 for CVE-2018-16403","url":"https://bugzilla.suse.com/1107067"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2018-16403"},{"cve":"CVE-2018-18310","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-18310"}],"notes":[{"category":"general","text":"An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-18310","url":"https://www.suse.com/security/cve/CVE-2018-18310"},{"category":"external","summary":"SUSE Bug 1111973 for CVE-2018-18310","url":"https://bugzilla.suse.com/1111973"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2018-18310"},{"cve":"CVE-2018-18520","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-18520"}],"notes":[{"category":"general","text":"An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-18520","url":"https://www.suse.com/security/cve/CVE-2018-18520"},{"category":"external","summary":"SUSE Bug 1112726 for CVE-2018-18520","url":"https://bugzilla.suse.com/1112726"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2018-18520"},{"cve":"CVE-2018-18521","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-18521"}],"notes":[{"category":"general","text":"Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-18521","url":"https://www.suse.com/security/cve/CVE-2018-18521"},{"category":"external","summary":"SUSE Bug 1112723 for CVE-2018-18521","url":"https://bugzilla.suse.com/1112723"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2018-18521"},{"cve":"CVE-2019-7146","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7146"}],"notes":[{"category":"general","text":"In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7146","url":"https://www.suse.com/security/cve/CVE-2019-7146"},{"category":"external","summary":"SUSE Bug 1123545 for CVE-2019-7146","url":"https://bugzilla.suse.com/1123545"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.1"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2019-7146"},{"cve":"CVE-2019-7148","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7148"}],"notes":[{"category":"general","text":"An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers believe this is not a real issue, but instead a \"warning caused by ASAN because the allocation is big. By setting ASAN_OPTIONS=allocator_may_return_null=1 and running the reproducer, nothing happens.\"","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7148","url":"https://www.suse.com/security/cve/CVE-2019-7148"},{"category":"external","summary":"SUSE Bug 1123687 for CVE-2019-7148","url":"https://bugzilla.suse.com/1123687"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"moderate"}],"title":"CVE-2019-7148"},{"cve":"CVE-2019-7149","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7149"}],"notes":[{"category":"general","text":"A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7149","url":"https://www.suse.com/security/cve/CVE-2019-7149"},{"category":"external","summary":"SUSE Bug 1123559 for CVE-2019-7149","url":"https://bugzilla.suse.com/1123559"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"moderate"}],"title":"CVE-2019-7149"},{"cve":"CVE-2019-7150","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7150"}],"notes":[{"category":"general","text":"An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7150","url":"https://www.suse.com/security/cve/CVE-2019-7150"},{"category":"external","summary":"SUSE Bug 1123685 for CVE-2019-7150","url":"https://bugzilla.suse.com/1123685"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2019-7150"},{"cve":"CVE-2019-7664","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7664"}],"notes":[{"category":"general","text":"In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7664","url":"https://www.suse.com/security/cve/CVE-2019-7664"},{"category":"external","summary":"SUSE Bug 1125008 for CVE-2019-7664","url":"https://bugzilla.suse.com/1125008"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2019-7664"},{"cve":"CVE-2019-7665","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-7665"}],"notes":[{"category":"general","text":"In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2019-7665","url":"https://www.suse.com/security/cve/CVE-2019-7665"},{"category":"external","summary":"SUSE Bug 1125007 for CVE-2019-7665","url":"https://bugzilla.suse.com/1125007"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","version":"3.0"},"products":["openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:dwarves-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:elfutils-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libasm1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libdw1-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves-devel-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.aarch64","openSUSE Leap Micro 5.2:libdwarves1-1.22-150300.7.3.1.x86_64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libebl-plugins-0.177-150300.11.3.1.x86_64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.aarch64","openSUSE Leap Micro 5.2:libelf1-0.177-150300.11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-08-01T08:41:26Z","details":"low"}],"title":"CVE-2019-7665"}]}