Bugzilla – Bug 974209
VUL-0: CVE-2016-1019: flash-player: Potential code execution issue (APSA16-01)
Last modified: 2019-05-01 17:08:20 UTC
Vulnerability identifier: APSA16-01
CVE number: CVE-2016-1019
Platforms: Windows, Macintosh, Linux and Chrome OS
Summary
A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 7 and Windows XP with Flash Player version 20.0.0.306 and earlier. A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later. Adobe is planning to provide a security update to address this vulnerability as early as April 7. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog.
References:
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
https://bugzilla.redhat.com/show_bug.cgi?id=1324353
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1019
"Adobe is planning to provide a security update to address this vulnerability as early as April 7. For the latest information, users may monitor the Adobe Product Security Incident Response Team blog." There is no single reference to version 11.2.x, so it is not yet known whether flash-player is affected, or only PepperFlashPlayer is. 11.2.202.577 is still the latest version.
Fix released for public by Adobe. Files are the same as the NDA files. Released for openSUSE: https://build.opensuse.org/request/show/386031 It was submitted from a --noaccess repository, so I am not sure whether it will work correctly for you.
openSUSE-SU-2016:0987-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 974209
CVE References: CVE-2016-1019
Sources used:
openSUSE 13.2 NonFree (src): flash-player-11.2.202.616-2.94.1
SUSE-SU-2016:0990-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 974209
CVE References: CVE-2016-1019
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src): flash-player-11.2.202.616-126.1
SUSE Linux Enterprise Workstation Extension 12 (src): flash-player-11.2.202.616-126.1
SUSE Linux Enterprise Desktop 12-SP1 (src): flash-player-11.2.202.616-126.1
SUSE Linux Enterprise Desktop 12 (src): flash-player-11.2.202.616-126.1
openSUSE-SU-2016:0997-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 974209
CVE References: CVE-2016-1019
Sources used:
openSUSE 13.1 NonFree (src): flash-player-11.2.202.616-159.1
released
Also fixed these issues (https://helpx.adobe.com/security/products/flash-player/apsb16-10.html):
- These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations (CVE-2016-1006).
- These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1015, CVE-2016-1019).
- These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, CVE-2016-1031).
- These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033).
- These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2016-1018).
- These updates resolve a security bypass vulnerability (CVE-2016-1030).
- These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-1014).
We can enhance changes file during the next update.
openSUSE-SU-2016:1157-1: An update that fixes one vulnerability is now available.
Category: security (important)
Bug References: 974209
CVE References: CVE-2016-1019
Sources used:
openSUSE Evergreen 11.4 (src): flash-player-11.2.202.616-182.1
changes updated:
openSUSE:Maintenance: Using target project 'openSUSE:Maintenance' 395024
SUSE:SLE-12:Update: Using target project 'SUSE:Maintenance' 114495