Описание
Security update for glibc
This update for glibc fixes the following issues:
This security issue was fixed:
- Fixed an buffer overwrite issue in memcpy for Knights Landing CPUs (boo#1092877, CVE-2018-11237)
Список пакетов
openSUSE Leap 15.0
glibc-2.26-lp150.11.3.2
glibc-32bit-2.26-lp150.11.3.2
glibc-devel-2.26-lp150.11.3.2
glibc-devel-32bit-2.26-lp150.11.3.2
glibc-devel-static-2.26-lp150.11.3.2
glibc-devel-static-32bit-2.26-lp150.11.3.2
glibc-extra-2.26-lp150.11.3.2
glibc-html-2.26-lp150.11.3.2
glibc-i18ndata-2.26-lp150.11.3.2
glibc-info-2.26-lp150.11.3.2
glibc-locale-2.26-lp150.11.3.2
glibc-locale-32bit-2.26-lp150.11.3.2
glibc-profile-2.26-lp150.11.3.2
glibc-profile-32bit-2.26-lp150.11.3.2
glibc-testsuite-src-2.26-lp150.11.3.2
glibc-utils-2.26-lp150.11.3.2
glibc-utils-32bit-2.26-lp150.11.3.2
glibc-utils-src-2.26-lp150.11.3.2
nscd-2.26-lp150.11.3.2
Ссылки
- E-Mail link for openSUSE-SU-2018:1633-1
- SUSE Security Ratings
Описание
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
Затронутые продукты
openSUSE Leap 15.0:glibc-2.26-lp150.11.3.2
openSUSE Leap 15.0:glibc-32bit-2.26-lp150.11.3.2
openSUSE Leap 15.0:glibc-devel-2.26-lp150.11.3.2
openSUSE Leap 15.0:glibc-devel-32bit-2.26-lp150.11.3.2
Ссылки
- CVE-2018-11237
- SUSE Bug 1092877
- SUSE Bug 1094154
- SUSE Bug 1118435