| Snyk

Threat Intelligence

1.89% (89^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-SLES150-LIBSOFTOKN332BIT-2759870
published14 Apr 2022
disclosed21 Dec 2018

Report a new vulnerability Found a mistake?

Introduced: 21 Dec 2018

CVE-2018-17466 (opens in a new tab) CWE-125 (opens in a new tab)

How to fix?

Upgrade SLES:15.0 libsoftokn3-32bit to version 3.40.1-3.7.2 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream libsoftokn3-32bit package and not the libsoftokn3-32bit package as distributed by SLES. See How to fix? for SLES:15.0 relevant fixed versions and status.

Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

References

https://www.suse.com/security/cve/CVE-2018-17466.html
https://bugzilla.suse.com/1112111
https://bugzilla.suse.com/1119105
https://bugzilla.suse.com/1121207
http://www.securityfocus.com/bid/105666
http://www.securityfocus.com/bid/106168
https://access.redhat.com/errata/RHSA-2018:3004
https://access.redhat.com/errata/RHSA-2018:3831
https://access.redhat.com/errata/RHSA-2018:3833
https://access.redhat.com/errata/RHSA-2019:0159
https://access.redhat.com/errata/RHSA-2019:0160
https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html
https://crbug.com/880906
https://lists.debian.org/debian-lts-announce/2018/12/msg00002.html
https://security.gentoo.org/glsa/201811-10
https://usn.ubuntu.com/3844-1/
https://usn.ubuntu.com/3868-1/
https://www.debian.org/security/2018/dsa-4330
https://www.debian.org/security/2018/dsa-4354
https://www.debian.org/security/2019/dsa-4362

Out-of-bounds Read Affecting libsoftokn3-32bit package, versions <3.40.1-3.7.2

Severity