Product Updated Versions Platform Priority rating Availability
Adobe Flash Player for Linux 18.104.22.168 Linux 3 Flash Player Download Center
These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2017-2938).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937).
These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931).
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
Nicolas Joly of Microsoft Vulnerability Research (CVE-2017-2936, CVE-2017-2937)
Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero (CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935)
Khalil Zhani working with Chromium Vulnerability Rewards Program (CVE-2017-2928)
willJ of Tencent PC Manager (CVE-2017-2925)
Francis Provencher of COSIG (CVE-2017-2930)
Jann Horn of Google Project Zero (CVE-2017-2938)
Kai Lu of Fortinet's FortiGuard Labs working with the Chromium Vulnerability Rewards Program (CVE-2017-2926, CVE-2017-2927)
Added to existing GLSA request.
This issue was resolved and addressed in
GLSA 201702-20 at https://security.gentoo.org/glsa/201702-20
by GLSA coordinator Thomas Deutschmann (whissi).