Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:2159-1

Опубликовано: 01 авг. 2018
Источник: suse-cvrf

Описание

Security update for glibc

This update for glibc fixes the following security issues:

  • CVE-2017-18269: An SSE2-optimized memmove implementation for i386 did not correctly perform the overlapping memory check if the source memory range spaned the middle of the address space, resulting in corrupt data being produced by the copy operation. This may have disclosed information to context-dependent attackers, resulted in a denial of service or code execution (bsc#1094150).
  • CVE-2018-11236: Prevent integer overflow on 32-bit architectures when processing very long pathname arguments to the realpath function, leading to a stack-based buffer overflow (bsc#1094161).
  • CVE-2018-11237: An AVX-512-optimized implementation of the mempcpy function may have writen data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper (bsc#1092877, bsc#1094154).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0
glibc-2.26-lp150.11.6.120
glibc-32bit-2.26-lp150.11.6.120
glibc-devel-2.26-lp150.11.6.120
glibc-devel-32bit-2.26-lp150.11.6.120
glibc-devel-static-2.26-lp150.11.6.120
glibc-devel-static-32bit-2.26-lp150.11.6.120
glibc-extra-2.26-lp150.11.6.120
glibc-html-2.26-lp150.11.6.120
glibc-i18ndata-2.26-lp150.11.6.120
glibc-info-2.26-lp150.11.6.120
glibc-locale-2.26-lp150.11.6.120
glibc-locale-32bit-2.26-lp150.11.6.120
glibc-profile-2.26-lp150.11.6.120
glibc-profile-32bit-2.26-lp150.11.6.120
glibc-testsuite-src-2.26-lp150.11.6.120
glibc-utils-2.26-lp150.11.6.120
glibc-utils-32bit-2.26-lp150.11.6.120
glibc-utils-src-2.26-lp150.11.6.120
nscd-2.26-lp150.11.6.120

Ссылки

Описание

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

Затронутые продукты
openSUSE Leap 15.0:glibc-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-32bit-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-32bit-2.26-lp150.11.6.120
Ссылки

Описание

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

Затронутые продукты
openSUSE Leap 15.0:glibc-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-32bit-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-32bit-2.26-lp150.11.6.120
Ссылки

Описание

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Затронутые продукты
openSUSE Leap 15.0:glibc-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-32bit-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-2.26-lp150.11.6.120
openSUSE Leap 15.0:glibc-devel-32bit-2.26-lp150.11.6.120
Ссылки