Описание
ELSA-2017-3582: glibc security update (IMPORTANT)
[2.17-157.4]
- Avoid large allocas in the dynamic linker (#1452720)
[2.17-157.2]
- Fix use of uninitialized data in getaddrinfo with nscd (#1436312)
[2.17-157.1]
- Do not set initgroups in default nsswitch.conf (#1388638)
- nss_db: Request larger buffers for long group entries (#1388637)
- nss_db: Fix getent crash without preceding setent (#1388635)
- nss_db: Fix endless loop in services database processing (#1388639)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
glibc
2.17-157.ksplice1.el7_3.4
glibc-common
2.17-157.ksplice1.el7_3.4
glibc-devel
2.17-157.ksplice1.el7_3.4
glibc-headers
2.17-157.ksplice1.el7_3.4
glibc-static
2.17-157.ksplice1.el7_3.4
glibc-utils
2.17-157.ksplice1.el7_3.4
nscd
2.17-157.ksplice1.el7_3.4
Связанные CVE
Связанные уязвимости
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
An issue was discovered in the size of the stack guard page on Linux, ...
