Bug 1324353 (CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033) - flash-plugin: multiple code execution issues fixed in APSB16-10
Summary: flash-plugin: multiple code execution issues fixed in APSB16-10
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1325062 1325063 1325064
Blocks: 1324354
TreeView+ depends on / blocked
 
Reported: 2016-04-06 07:00 UTC by Adam Mariš
Modified: 2021-02-17 04:06 UTC (History)
5 users (show)

Fixed In Version: flash-plugin 11.2.202.616
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-04-08 13:13:01 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:0610 0 normal SHIPPED_LIVE Critical: flash-plugin security update 2016-04-08 16:55:50 UTC

Description Adam Mariš 2016-04-06 07:00:15 UTC 
A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. 

https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
Comment 1 Tomas Hoger 2016-04-08 06:27:58 UTC 
Updates for Adobe Flash Player were released, further details are in the APSB16-10 bulletin.

Adobe Security Bulletin APSB16-10 for Adobe Flash Player describes multiple flaws that can possibly lead to code execution when Flash Player is used to play a specially crafted SWF file.

Quoting from the APSB16-10:

These updates harden a mitigation against JIT spraying attacks that could be used to bypass memory layout randomization mitigations (CVE-2016-1006).

These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-1015, CVE-2016-1019).

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-1011, CVE-2016-1013, CVE-2016-1016, CVE-2016-1017, CVE-2016-1031).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, CVE-2016-1033).

These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2016-1018).

These updates resolve a security bypass vulnerability (CVE-2016-1030).

These updates resolve a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-1014).

External References:

https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html
Comment 3 errata-xmlrpc 2016-04-08 12:57:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary
  Red Hat Enterprise Linux 5 Supplementary

Via RHSA-2016:0610 https://rhn.redhat.com/errata/RHSA-2016-0610.html
Note You need to log in before you can comment on or make changes to this bug.