View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-5836 severity low: SUSE including 22 source package names (libplist++-2_0-4-2.6.0-160000.2.2, libplist++-devel-1.12-19.1, …), 84 product×package rows across 37 product lines (SUSE Linux Enterprise Desktop 12 SP1, SUSE Linux Enterprise Desktop 12 SP2, … (37 product lines)): Fixed 84.
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an invalid free.