Описание
Security update for glibc
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c (bsc#1064580).
- CVE-2017-15670: Fix buffer overflow in glob with GLOB_TILDE (bsc#1064583).
- CVE-2017-15671: Fix memory leak in glob with GLOB_TILDE (bsc#1064569).
- CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161).
- CVE-2017-12132: Reduce advertised EDNS0 buffer size to guard against fragmentation attacks (bsc#1051791).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Ссылки
- Link for SUSE-SU-2018:2185-1
- E-Mail link for SUSE-SU-2018:2185-1
- SUSE Security Ratings
- SUSE Bug 1051791
- SUSE Bug 1064569
- SUSE Bug 1064580
- SUSE Bug 1064583
- SUSE Bug 1094161
- SUSE CVE CVE-2017-12132 page
- SUSE CVE CVE-2017-15670 page
- SUSE CVE CVE-2017-15671 page
- SUSE CVE CVE-2017-15804 page
- SUSE CVE CVE-2018-11236 page
Описание
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
Затронутые продукты
Ссылки
- CVE-2017-12132
- SUSE Bug 1051791
- SUSE Bug 1123874
Описание
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
Затронутые продукты
Ссылки
- CVE-2017-15670
- SUSE Bug 1064583
- SUSE Bug 1110160
- SUSE Bug 1123874
Описание
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
Затронутые продукты
Ссылки
- CVE-2017-15671
- SUSE Bug 1064569
- SUSE Bug 1123874
Описание
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
Затронутые продукты
Ссылки
- CVE-2017-15804
- SUSE Bug 1064580
- SUSE Bug 1110160
- SUSE Bug 1123874
Описание
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
Затронутые продукты
Ссылки
- CVE-2018-11236
- SUSE Bug 1094161
- SUSE Bug 1110160
- SUSE Bug 1118435
- SUSE Bug 1123874