Thursday, February 11, 2016

1645982 - Security issues fixed in SAP HANA Revision 18

Symptom

A security vulnerabilities was discovered and subsequentely fixed in revision 18 of SAP HANA.

Memory Corruption

A malicious user can remotely exploit HANA so that they can terminate it manually. The issue is caused by a memory corruption that causes the process to terminate. A malicious user can provoke a condition in which the process attempts to read outside its memory space, causing a memory protection fault. As a result, the system terminates the process, rendering the application unusable until it is restarted.



Other Terms
SAP HANA


Reason and Prerequisites
Details of the vulnerability discovered are described below:

Memory Corruption

A malicious user can remotely exploit HANA so that they can terminate it manually. The issue is caused by a memory corruption that causes the process to terminate. A malicious user can provoke a condition in which the process attempts to read outside its memory space, causing a memory protection fault. As a result, the system terminates the process, rendering the application unusable until it is restarted.


Solution
Update your SAP HANA to Revision 18 or higher.



Header Data

Released On 30.11.2011 13:05:25
Release Status Released for Customer
Component HAN-DB SAP HANA Database
Priority Correction with high priority
Category Release planning information
Posted by at

4 comments:

Subscribe to: Post Comments (Atom)