Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:0441-1

Опубликовано: 16 фев. 2022
Источник: suse-cvrf

Описание

Security update for glibc

glibc was updated to fix the following issues:

Security issues fixed:

  • CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640)
  • CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768)
  • CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770)

Bugs fixed:

  • Make endian-conversion macros always return correct types (bsc#1193478, BZ #16458)
  • Allow dlopen of filter object to work (bsc#1192620, BZ #16272)
  • x86: fix stack alignment in cancelable syscall stub (bsc#1191835)

Список пакетов

Container suse/ltss/sle12.5/sles12sp5:latest
glibc-2.22-114.19.1
Container suse/sles12sp4:latest
glibc-2.22-114.19.1
Container suse/sles12sp5:latest
glibc-2.22-114.19.1
Image SLES12-SP4-Azure-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP4-SAP-Azure-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP4-SAP-EC2-HVM
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-Basic-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-HPC-BYOS
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-HPC-On-Demand
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-SAP-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-SAP-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-Azure-Standard-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-EC2-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-EC2-ECS-On-Demand
glibc-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-EC2-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-EC2-SAP-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-EC2-SAP-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-GCE-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-GCE-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-GCE-SAP-BYOS
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-GCE-SAP-On-Demand
glibc-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-locale-2.22-114.19.1
nscd-2.22-114.19.1
SUSE Linux Enterprise Server 12 SP4-LTSS
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1
SUSE Linux Enterprise Server 12 SP5
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1
SUSE Linux Enterprise Software Development Kit 12 SP5
glibc-devel-static-2.22-114.19.1
glibc-info-2.22-114.19.1
SUSE OpenStack Cloud 9
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1
SUSE OpenStack Cloud Crowbar 9
glibc-2.22-114.19.1
glibc-32bit-2.22-114.19.1
glibc-devel-2.22-114.19.1
glibc-devel-32bit-2.22-114.19.1
glibc-html-2.22-114.19.1
glibc-i18ndata-2.22-114.19.1
glibc-info-2.22-114.19.1
glibc-locale-2.22-114.19.1
glibc-locale-32bit-2.22-114.19.1
glibc-profile-2.22-114.19.1
glibc-profile-32bit-2.22-114.19.1
nscd-2.22-114.19.1

Ссылки

Описание

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-114.19.1
Container suse/sles12sp4:latest:glibc-2.22-114.19.1
Container suse/sles12sp5:latest:glibc-2.22-114.19.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-114.19.1
Ссылки

Описание

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-114.19.1
Container suse/sles12sp4:latest:glibc-2.22-114.19.1
Container suse/sles12sp5:latest:glibc-2.22-114.19.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-114.19.1
Ссылки

Описание

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-114.19.1
Container suse/sles12sp4:latest:glibc-2.22-114.19.1
Container suse/sles12sp5:latest:glibc-2.22-114.19.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-114.19.1
Ссылки
Уязвимость SUSE-SU-2022:0441-1