Description
Security update for glibc
This update for glibc fixes the following issues:
- A privilege escalation bug in the realpath() function has been fixed. [CVE-2018-1000001, bsc#1074293]
- A memory leak and a buffer overflow in the dynamic ELF loader have been fixed. [CVE-2017-1000408, CVE-2017-1000409, bsc#1071319]
- An issue in the code handling RPATHs, which could have been exploited by an attacker to execute code loaded from arbitrary libraries, has been fixed. [CVE-2017-16997, bsc#1073231]
- A potential crash caused by a use-after-free bug in pthread_create() has been fixed. [bsc#1053188]
- A bug that prevented users from building shared objects that use the optimized libmvec.so API has been fixed. [bsc#1070905]
- A memory leak in the glob() function has been fixed. [CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569, bsc#1064580, bsc#1064583]
- A bug that would lose the syscall error code value in case of crashes has been fixed. [bsc#1063675]
Package list
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
References
- Link for SUSE-SU-2018:0074-1
- E-Mail link for SUSE-SU-2018:0074-1
- SUSE Security Ratings
- SUSE Bug 1051042
- SUSE Bug 1053188
- SUSE Bug 1063675
- SUSE Bug 1064569
- SUSE Bug 1064580
- SUSE Bug 1064583
- SUSE Bug 1070905
- SUSE Bug 1071319
- SUSE Bug 1073231
- SUSE Bug 1074293
- SUSE CVE CVE-2017-1000408 page
- SUSE CVE CVE-2017-1000409 page
- SUSE CVE CVE-2017-15670 page
- SUSE CVE CVE-2017-15671 page
- SUSE CVE CVE-2017-15804 page
- SUSE CVE CVE-2017-16997 page
- SUSE CVE CVE-2018-1000001 page
Description
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
Affected products
References
- CVE-2017-1000408
- SUSE Bug 1039357
- SUSE Bug 1071319
Description
A buffer overflow in glibc 2.5 (released on September 29, 2006) can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
Affected products
References
- CVE-2017-1000409
- SUSE Bug 1071319
Description
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
Affected products
References
- CVE-2017-15670
- SUSE Bug 1064583
- SUSE Bug 1110160
- SUSE Bug 1123874
Description
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
Affected products
References
- CVE-2017-15671
- SUSE Bug 1064569
- SUSE Bug 1123874
Description
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
Affected products
References
- CVE-2017-15804
- SUSE Bug 1064580
- SUSE Bug 1110160
- SUSE Bug 1123874
Description
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretation of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
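An added example, not part of the advisory: a triage helper that reads `readelf -d` output collected from privileged binaries and flags RPATH/RUNPATH values containing the token kinds named above (`$ORIGIN` and empty tokens). The function names and the sample lines are constructed for illustration, and flagging relative paths is an additional check assumed here.

```python
import re

# Matches the RPATH/RUNPATH lines printed by `readelf -d`.
DYN_RE = re.compile(r"\((RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[(.*)\]")

def audit_search_path(value):
    """Return (token, reason) findings for one RPATH/RUNPATH value."""
    findings = []
    for token in value.split(":"):
        if token == "":
            # Empty token: the case the advisory says was read as "./".
            findings.append((token, "empty token"))
        elif "$ORIGIN" in token or "${ORIGIN}" in token:
            findings.append((token, "uses $ORIGIN"))
        elif not token.startswith("/"):
            # Assumption of this example: any non-absolute entry deserves review.
            findings.append((token, "relative path"))
    return findings

def audit_readelf(text):
    """Map each RPATH/RUNPATH tag in `readelf -d` output to its findings."""
    report = []
    for line in text.splitlines():
        m = DYN_RE.search(line)
        if m:
            report.append((m.group(1), m.group(2), audit_search_path(m.group(2))))
    return report

# Constructed sample: dynamic-section lines as `readelf -d` prints them.
SAMPLE = """\
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000f (RPATH)              Library rpath: [$ORIGIN/../lib:]
 0x000000000000001d (RUNPATH)            Library runpath: [/opt/app/lib]
"""

if __name__ == "__main__":
    for tag, value, findings in audit_readelf(SAMPLE):
        print(tag, value, findings)
```

An empty findings list means the value holds only absolute directories; any finding on a setuid binary is a reason to confirm the installed glibc includes this update.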
Affected products
References
- CVE-2017-16997
- SUSE Bug 1073231
Description
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
Affected products
References
- CVE-2018-1000001
- SUSE Bug 1074293
- SUSE Bug 1099047
- SUSE Bug 1123874