Package name
Advisory ID
Affected versions
8.1 i586, 8.1 i586

Problem description

zen-parse discovered a problem in the at command: it contains an extra call to free(), which can lead to a segfault when at is given a carefully crafted, but incorrect, format. The crash is caused by heap corruption, which can be exploited under certain circumstances because the at command is installed setuid root. Thanks to SuSE for an additional security improvement that adds the O_EXCL (exclusive) option to the open(2) system call inside the at code.
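
The O_EXCL change mentioned above, shown as an added example that is not taken from the at source or from this advisory: with O_CREAT|O_EXCL, open(2) fails with EEXIST if the name already exists, including when it is a symbolic link, instead of opening whatever is there. The helper names and the /tmp paths are assumptions made for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not from the at source: create a new job file.
 * With exclusive != 0 the call uses O_CREAT|O_EXCL, so it fails with EEXIST
 * if anything (regular file or symlink, even a dangling one) already has
 * that name. Returns the file descriptor, or -errno on failure. */
static int create_job_file(const char *path, int exclusive)
{
    int flags = O_WRONLY | O_CREAT | (exclusive ? O_EXCL : 0);
    int fd = open(path, flags, 0600);
    return fd >= 0 ? fd : -errno;
}

/* Constructed scenario: the job-file name already exists as a symbolic link
 * before the program creates it. Returns 1 if the link target got created
 * (the open followed the link), 0 if not, -1 on setup error. */
static int planted_symlink_followed(int exclusive)
{
    char dir[] = "/tmp/excl-demo-XXXXXX";
    char job[128], target[128];
    struct stat st;
    int fd, followed;

    if (mkdtemp(dir) == NULL) return -1;
    snprintf(job, sizeof job, "%s/job", dir);
    snprintf(target, sizeof target, "%s/target", dir);
    if (symlink(target, job) != 0) { rmdir(dir); return -1; }

    fd = create_job_file(job, exclusive);
    if (fd >= 0) close(fd);
    followed = (stat(target, &st) == 0);

    unlink(target); unlink(job); rmdir(dir);
    return followed;
}

int main(void)
{
    printf("without O_EXCL: link followed = %d\n", planted_symlink_followed(0));
    printf("with O_EXCL:    link followed = %d\n", planted_symlink_followed(1));
    return 0;
}
```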

Updated packages

066814fda6dfc8f74721861a90c1d167  8.1/RPMS/at-3.1.8-4.1mdk.i586.rpm
8205596ce7b87d8dca57a6d9285dd1d1  8.1/SRPMS/at-3.1.8-4.1mdk.src.rpm

bc46bc259124e1de45063503d8be2940  ia64/8.1/RPMS/at-3.1.8-4.1mdk.ia64.rpm
8205596ce7b87d8dca57a6d9285dd1d1  ia64/8.1/SRPMS/at-3.1.8-4.1mdk.src.rpm