Upstream information
Description
A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by this vulnerability is an unknown functionality of the file io\fabric\sdk\android\services\network\PinningTrustManager.java of the component SHA-1 Handler. The manipulation leads to password hash with insufficient computational effort. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-256321 was assigned to this vulnerability.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having not set severity.
No SUSE Bugzilla entries cross referenced. No SUSE Security Announcements cross referenced.List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2024-14598 |
List of packages in QA
| Product(s) | Package(s) |
|---|---|
| SUSE Linux Enterprise Module for Containers 15 SP6 |
|
| SUSE Linux Enterprise Server 15 SP6 |
|
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 |
|
| SUSE Linux Enterprise High Performance Computing 15 SP6 |
|
SUSE Timeline for this CVE
CVE page created: Mon Mar 11 03:00:14 2024CVE page last modified: Tue Jan 14 12:59:40 2025