rpm package
suse/tcmu-runner&distro=SUSE Linux Enterprise Server 12 SP2
pkg:rpm/suse/tcmu-runner&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000199 | Hig | 7.5 | < 1.0.4-3.3.10 | 1.0.4-3.3.10 | Nov 17, 2017 | tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges. | |
| CVE-2017-1000198 | Hig | 7.5 | < 1.0.4-3.3.10 | 1.0.4-3.3.10 | Nov 17, 2017 | tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service |
- affected < 1.0.4-3.3.10fixed 1.0.4-3.3.10
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
- affected < 1.0.4-3.3.10fixed 1.0.4-3.3.10
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service