Описание
Security update for glibc
This update for glibc fixes the following issues:
- CVE-2021-35942: wordexp: handle overflow in positional parameter number (bsc#1187911)
- CVE-2021-33574: Use __pthread_attr_copy in mq_notify (bsc#1186489)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
Ссылки
- E-Mail link for openSUSE-SU-2021:1374-1
- SUSE Security Ratings
- SUSE Bug 1186489
- SUSE Bug 1187911
- SUSE CVE CVE-2021-33574 page
- SUSE CVE CVE-2021-35942 page
Описание
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
Затронутые продукты
Ссылки
- CVE-2021-33574
- SUSE Bug 1186489
- SUSE Bug 1189426
- SUSE Bug 1192788
- SUSE Bug 1196766
Описание
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
Затронутые продукты
Ссылки
- CVE-2021-35942
- SUSE Bug 1187911
- SUSE Bug 1192788