CVE-2017-18198 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-18198 Interim 1 27 2025-11-05T03:44:19Z current 2021-05-30T14:05:26Z 2025-11-05T03:44:19Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-18198 print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Liberty Linux 7 SUSE Liberty Linux 7 LTSS SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP6 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP6 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP6 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP6 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed libcdio libcdio++0-2.1.0-1.27 libcdio++0-2.1.0-2.6 libcdio++0-32bit-2.1.0-2.6 libcdio++1-2.1.0-160000.2.2 libcdio-0.92-3.el7 libcdio-devel-0.92-3.el7 libcdio-devel-2.1.0-1.27 libcdio-devel-2.1.0-160000.2.2 libcdio-devel-2.1.0-2.6 libcdio14 libcdio14-32bit libcdio19-2.1.0-1.27 libcdio19-2.1.0-160000.2.2 libcdio19-2.1.0-2.6 libcdio19-32bit-2.1.0-2.6 libiso9660++0-2.1.0-160000.2.2 libiso9660-11-2.1.0-1.27 libiso9660-11-2.1.0-160000.2.2 libiso9660-11-2.1.0-2.6 libiso9660-11-32bit-2.1.0-2.6 libudf0-2.1.0-1.27 libudf0-2.1.0-160000.2.2 libudf0-2.1.0-2.6 libudf0-32bit-2.1.0-2.6 libcdio-0.92-3.el7 as a component of SUSE Liberty Linux 7 libcdio-devel-0.92-3.el7 as a component of SUSE Liberty Linux 7 libcdio-0.92-3.el7 as a component of SUSE Liberty Linux 7 LTSS libcdio-devel-0.92-3.el7 as a component of SUSE Liberty Linux 7 LTSS libcdio++0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3 libcdio-devel-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3 libcdio19-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3 libiso9660-11-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3 libudf0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP3 libcdio++0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libcdio-devel-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libcdio19-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libiso9660-11-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libudf0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libcdio++0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libcdio-devel-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libcdio19-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libiso9660-11-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libudf0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libcdio++0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6 libcdio-devel-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6 libcdio19-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6 libiso9660-11-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6 libudf0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP6 libcdio++0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libcdio-devel-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libcdio19-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libiso9660-11-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libudf0-2.1.0-1.27 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libcdio++1-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libcdio-devel-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libcdio19-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libiso9660++0-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libiso9660-11-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libudf0-2.1.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libcdio19-2.1.0-1.27 as a component of openSUSE Leap 15.3 libcdio19-2.1.0-1.27 as a component of openSUSE Leap 15.4 libcdio++0-2.1.0-2.6 as a component of openSUSE Tumbleweed libcdio++0-32bit-2.1.0-2.6 as a component of openSUSE Tumbleweed libcdio-devel-2.1.0-2.6 as a component of openSUSE Tumbleweed libcdio19-2.1.0-2.6 as a component of openSUSE Tumbleweed libcdio19-32bit-2.1.0-2.6 as a component of openSUSE Tumbleweed libiso9660-11-2.1.0-2.6 as a component of openSUSE Tumbleweed libiso9660-11-32bit-2.1.0-2.6 as a component of openSUSE Tumbleweed libudf0-2.1.0-2.6 as a component of openSUSE Tumbleweed libudf0-32bit-2.1.0-2.6 as a component of openSUSE Tumbleweed libcdio14 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libcdio14-32bit as a component of SUSE Linux Enterprise Server 12 SP4-LTSS libcdio as a component of SUSE Linux Enterprise Server 12 SP4-LTSS print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. CVE-2017-18198 SUSE Liberty Linux 7:libcdio-0.92-3.el7 SUSE Liberty Linux 7:libcdio-devel-0.92-3.el7 SUSE Liberty Linux 7 LTSS:libcdio-0.92-3.el7 SUSE Liberty Linux 7 LTSS:libcdio-devel-0.92-3.el7 SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libcdio++0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libcdio-devel-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libcdio19-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libiso9660-11-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP3:libudf0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libcdio++0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libcdio-devel-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libcdio19-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libiso9660-11-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libudf0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libcdio++0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libcdio-devel-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libcdio19-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libiso9660-11-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libudf0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libcdio++0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libcdio-devel-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libcdio19-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libiso9660-11-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libudf0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libcdio++0-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libcdio-devel-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libcdio19-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libiso9660-11-2.1.0-1.27 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libudf0-2.1.0-1.27 SUSE Linux Enterprise Server 16.0:libcdio++1-2.1.0-160000.2.2 SUSE Linux Enterprise Server 16.0:libcdio-devel-2.1.0-160000.2.2 SUSE Linux Enterprise Server 16.0:libcdio19-2.1.0-160000.2.2 SUSE Linux Enterprise Server 16.0:libiso9660++0-2.1.0-160000.2.2 SUSE Linux Enterprise Server 16.0:libiso9660-11-2.1.0-160000.2.2 SUSE Linux Enterprise Server 16.0:libudf0-2.1.0-160000.2.2 openSUSE Leap 15.3:libcdio19-2.1.0-1.27 openSUSE Leap 15.4:libcdio19-2.1.0-1.27 openSUSE Tumbleweed:libcdio++0-2.1.0-2.6 openSUSE Tumbleweed:libcdio++0-32bit-2.1.0-2.6 openSUSE Tumbleweed:libcdio-devel-2.1.0-2.6 openSUSE Tumbleweed:libcdio19-2.1.0-2.6 openSUSE Tumbleweed:libcdio19-32bit-2.1.0-2.6 openSUSE Tumbleweed:libiso9660-11-2.1.0-2.6 openSUSE Tumbleweed:libiso9660-11-32bit-2.1.0-2.6 openSUSE Tumbleweed:libudf0-2.1.0-2.6 openSUSE Tumbleweed:libudf0-32bit-2.1.0-2.6 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 3.9 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L