Product Updated Versions Platform Priority rating Availability Adobe Flash Player for Linux 24.0.0.194 Linux 3 Flash Player Download Center Vulnerability Details These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2017-2938). These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937). These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931). Acknowledgments Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: Nicolas Joly of Microsoft Vulnerability Research (CVE-2017-2936, CVE-2017-2937) Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero (CVE-2017-2931, CVE-2017-2932, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935) Khalil Zhani working with Chromium Vulnerability Rewards Program (CVE-2017-2928) willJ of Tencent PC Manager (CVE-2017-2925) Francis Provencher of COSIG (CVE-2017-2930) Jann Horn of Google Project Zero (CVE-2017-2938) Kai Lu of Fortinet's FortiGuard Labs working with the Chromium Vulnerability Rewards Program (CVE-2017-2926, CVE-2017-2927)
Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201702-20 at https://security.gentoo.org/glsa/201702-20 by GLSA coordinator Thomas Deutschmann (whissi).