Security update for glibc SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:1562-1 Final 1 1 2018-06-06T09:44:49Z current 2018-06-06T09:44:49Z 2018-06-06T09:44:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for glibc This update for glibc fixes the following issues: - CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary (bsc#1094150) - CVE-2018-11236: Fix overflow in path length computation (bsc#1094161) - CVE-2018-11237: Don't write beyond buffer destination in __mempcpy_avx512_no_vzeroupper (bsc#1094154) Non security bugs fixed: - Fix crash in resolver on memory allocation failure (bsc#1086690) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-OpenStack-Cloud-7-2018-1077,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1077,SUSE-SLE-DESKTOP-12-SP3-2018-1077,SUSE-SLE-SAP-12-SP2-2018-1077,SUSE-SLE-SDK-12-SP3-2018-1077,SUSE-SLE-SERVER-12-SP2-2018-1077,SUSE-SLE-SERVER-12-SP3-2018-1077,SUSE-Storage-4-2018-1077 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20181562-1/ Link for SUSE-SU-2018:1562-1 https://lists.suse.com/pipermail/sle-security-updates/2018-June/004156.html E-Mail link for SUSE-SU-2018:1562-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1086690 SUSE Bug 1086690 https://bugzilla.suse.com/1094150 SUSE Bug 1094150 https://bugzilla.suse.com/1094154 SUSE Bug 1094154 https://bugzilla.suse.com/1094161 SUSE Bug 1094161 https://www.suse.com/security/cve/CVE-2017-18269/ SUSE CVE CVE-2017-18269 page https://www.suse.com/security/cve/CVE-2018-11236/ SUSE CVE CVE-2018-11236 page https://www.suse.com/security/cve/CVE-2018-11237/ SUSE CVE CVE-2018-11237 page SUSE Enterprise Storage 4 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE OpenStack Cloud 7 glibc-2.22-62.13.2 glibc-32bit-2.22-62.13.2 glibc-devel-2.22-62.13.2 glibc-devel-32bit-2.22-62.13.2 glibc-html-2.22-62.13.2 glibc-i18ndata-2.22-62.13.2 glibc-info-2.22-62.13.2 glibc-locale-2.22-62.13.2 glibc-locale-32bit-2.22-62.13.2 glibc-profile-2.22-62.13.2 glibc-profile-32bit-2.22-62.13.2 nscd-2.22-62.13.2 glibc-devel-static-2.22-62.13.2 glibc-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-32bit-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-devel-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-html-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-i18ndata-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-info-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-locale-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-profile-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-profile-32bit-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 nscd-2.22-62.13.2 as a component of SUSE Enterprise Storage 4 glibc-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-devel-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-i18ndata-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-locale-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 nscd-2.22-62.13.2 as a component of SUSE Linux Enterprise Desktop 12 SP3 glibc-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-devel-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-html-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-i18ndata-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-info-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-locale-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-profile-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-profile-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS nscd-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS glibc-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-devel-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-html-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-i18ndata-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-info-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-locale-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-profile-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-profile-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 nscd-2.22-62.13.2 as a component of SUSE Linux Enterprise Server 12 SP3 glibc-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-devel-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-html-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-i18ndata-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-info-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-locale-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-profile-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-profile-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 nscd-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 glibc-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-devel-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-html-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-i18ndata-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-info-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-locale-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-profile-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-profile-32bit-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 nscd-2.22-62.13.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 glibc-devel-static-2.22-62.13.2 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 glibc-info-2.22-62.13.2 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 glibc-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-32bit-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-devel-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-devel-32bit-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-html-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-i18ndata-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-info-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-locale-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-locale-32bit-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-profile-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 glibc-profile-32bit-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 nscd-2.22-62.13.2 as a component of SUSE OpenStack Cloud 7 An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. CVE-2017-18269 SUSE Enterprise Storage 4:glibc-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-html-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-i18ndata-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-info-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:nscd-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-devel-static-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-html-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-i18ndata-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:nscd-2.22-62.13.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181562-1/ https://www.suse.com/security/cve/CVE-2017-18269.html CVE-2017-18269 https://bugzilla.suse.com/1094150 SUSE Bug 1094150 https://bugzilla.suse.com/1118435 SUSE Bug 1118435 stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. CVE-2018-11236 SUSE Enterprise Storage 4:glibc-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-html-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-i18ndata-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-info-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:nscd-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-devel-static-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-html-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-i18ndata-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:nscd-2.22-62.13.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181562-1/ https://www.suse.com/security/cve/CVE-2018-11236.html CVE-2018-11236 https://bugzilla.suse.com/1094161 SUSE Bug 1094161 https://bugzilla.suse.com/1110160 SUSE Bug 1110160 https://bugzilla.suse.com/1118435 SUSE Bug 1118435 https://bugzilla.suse.com/1123874 SUSE Bug 1123874 An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. CVE-2018-11237 SUSE Enterprise Storage 4:glibc-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-devel-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-html-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-i18ndata-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-info-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-locale-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-2.22-62.13.2 SUSE Enterprise Storage 4:glibc-profile-32bit-2.22-62.13.2 SUSE Enterprise Storage 4:nscd-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Desktop 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP2-LTSS:nscd-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP2:nscd-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-devel-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-html-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-i18ndata-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-info-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-locale-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:glibc-profile-32bit-2.22-62.13.2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:nscd-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-devel-static-2.22-62.13.2 SUSE Linux Enterprise Software Development Kit 12 SP3:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-devel-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-html-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-i18ndata-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-info-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-locale-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-2.22-62.13.2 SUSE OpenStack Cloud 7:glibc-profile-32bit-2.22-62.13.2 SUSE OpenStack Cloud 7:nscd-2.22-62.13.2 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181562-1/ https://www.suse.com/security/cve/CVE-2018-11237.html CVE-2018-11237 https://bugzilla.suse.com/1092877 SUSE Bug 1092877 https://bugzilla.suse.com/1094154 SUSE Bug 1094154 https://bugzilla.suse.com/1118435 SUSE Bug 1118435