Upstream information

CVE-2011-0524 at MITRE

Description

Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.

SUSE information

Overall state of this security issue: Postponed

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 2.1
Vector AV:L/AC:L/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 666839 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP2
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libgypsy0
SUSE Linux Enterprise Desktop 12 SP3
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA libgypsy0
SUSE Linux Enterprise Server 12 SP2
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libgypsy0
SUSE Linux Enterprise Server 12 SP3
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA libgypsy0
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • libgypsy0 >= 0.9-6.22
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libgypsy0
SUSE Linux Enterprise Software Development Kit 12
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA libgypsy0
SUSE Linux Enterprise Software Development Kit 12 SP1
  • libgypsy-devel >= 0.9-6.24
  • libgypsy0 >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA libgypsy-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • libgypsy-devel >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA libgypsy-devel
SUSE Linux Enterprise Software Development Kit 12 SP3
  • libgypsy-devel >= 0.9-6.24
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA libgypsy-devel
openSUSE 11.4
  • gypsy >= 0.8-5.1
  • gypsy-debuginfo >= 0.8-5.1
  • gypsy-debugsource >= 0.8-5.1
  • libgypsy-devel >= 0.8-5.1
  • libgypsy0 >= 0.8-5.1
  • libgypsy0-debuginfo >= 0.8-5.1
Patchnames:
openSUSE-2012-394
openSUSE Leap 42.1
  • libgypsy0 >= 0.9-9.1
Patchnames:
openSUSE Leap 42.1 GA libgypsy0
openSUSE Leap 42.2
  • libgypsy0 >= 0.9-11.3
Patchnames:
openSUSE Leap 42.2 GA libgypsy0
openSUSE Leap 42.3
  • libgypsy0 >= 0.9-13.4
Patchnames:
openSUSE Leap 42.3 GA libgypsy0
openSUSE Tumbleweed
  • gypsy >= 0.9-10.5
  • libgypsy-devel >= 0.9-10.5
  • libgypsy0 >= 0.9-10.5
  • libgypsy0-32bit >= 0.9-10.5
Patchnames:
openSUSE Tumbleweed GA gypsy