Описание
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clnt_create() in the sunrpc's clnt_gen.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its hostname argument onto the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) lead to arbitrary code execution.
Отчет
Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 6 and 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ Red Hat Enterprise Linux 9 is not affected by this CVE as the fix was backported to glibc-2.34 and included in the 9.0 GA release.
Меры по смягчению последствий
An application built with stack protector enabled can mitigate this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | compat-glibc | Out of support scope | ||
| Red Hat Enterprise Linux 6 | glibc | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-glibc | Out of support scope | ||
| Red Hat Enterprise Linux 7 | glibc | Out of support scope | ||
| Red Hat Enterprise Linux 9 | glibc | Not affected | ||
| Red Hat Enterprise Linux 8 | glibc | Fixed | RHSA-2022:0896 | 15.03.2022 |
| Red Hat Enterprise Linux 8 | glibc | Fixed | RHSA-2022:0896 | 15.03.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
The deprecated compatibility function clnt_create in the sunrpc module ...
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
EPSS
7 High
CVSS3