4 matches found
SUSE CVE-2017-1000198
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handlerglfs.so handler resulting in denial of service...
tcmu-runner: glfs handler allows local DoS via crafted CheckConfig strings
A flaw was found in the implementation of CheckConfig method in handlerglfs.so of the tcmu-runner daemon. A local, non-root user with access to the D-Bus system bus could send a specially crafted string to CheckConfig method resulting in various kinds of segmentation fault...
SUSE SLES12 Security Update : tcmu-runner (SUSE-SU-2017:2601-1)
This update for tcmu-runner fixes the following issues: Security issues fixed : - CVE-2017-1000198: The glfs handler allowed local DoS via crafted CheckConfig strings bsc1049485 - CVE-2017-1000199: The qcow handler leaked information via the CheckConfig D-Bus method bsc1049491 Note that Tenable...
SUSE SLES12 Security Update : tcmu-runner (SUSE-SU-2017:2109-1)
This update for tcmu-runner fixes the following issues : - qcow handler opens up an information leak via the CheckConfig D-Bus method bsc1049491 - glfs handler allows local DoS via crafted CheckConfig strings bsc1049485 - UnregisterHandler dbus method in tcmu-runner daemon for non-existing handle...