Product Version Platform
Adobe Flash Player Desktop Runtime 220.127.116.11 Linux 3
Vulnerability Category Vulnerability Impact Severity CVE Numbers
Use After Free
Remote Code Execution Critical CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084
Memory Corruption Remote Code Execution Critical CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
bee13oy of CloverSec Labs working with Trend Micro's Zero Day Initiative (CVE-2017-3075, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084)
Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078)
Jihui Lu of Tencent KeenLab (CVE-2017-3079, CVE-2017-3081)
@ Maintainer(s): While the reported issues were officially addressed in =www-plugins/adobe-flash-18.104.22.168, upstream has now published =www-plugins/adobe-flash-22.214.171.124.
@Maintainer, thank you for the bump
Arches, please stabilize 126.96.36.199
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
tree is clean.
GLSA request filed.
This issue was resolved and addressed in
GLSA 201707-15 at https://security.gentoo.org/glsa/201707-15
by GLSA coordinator Thomas Deutschmann (whissi).