Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2022:0330-1

Опубликовано: 04 фев. 2022
Источник: suse-cvrf

Описание

Security update for glibc

This update for glibc fixes the following issues:

  • CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640)
  • CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768)
  • CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770)

Features added:

  • IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195)

Список пакетов

openSUSE Leap 15.3
glibc-2.31-150300.9.12.1
glibc-32bit-2.31-150300.9.12.1
glibc-devel-2.31-150300.9.12.1
glibc-devel-32bit-2.31-150300.9.12.1
glibc-devel-static-2.31-150300.9.12.1
glibc-devel-static-32bit-2.31-150300.9.12.1
glibc-extra-2.31-150300.9.12.1
glibc-html-2.31-150300.9.12.1
glibc-i18ndata-2.31-150300.9.12.1
glibc-info-2.31-150300.9.12.1
glibc-lang-2.31-150300.9.12.1
glibc-locale-2.31-150300.9.12.1
glibc-locale-base-2.31-150300.9.12.1
glibc-locale-base-32bit-2.31-150300.9.12.1
glibc-profile-2.31-150300.9.12.1
glibc-profile-32bit-2.31-150300.9.12.1
glibc-utils-2.31-150300.9.12.1
glibc-utils-32bit-2.31-150300.9.12.1
nscd-2.31-150300.9.12.1

Ссылки

Описание

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Затронутые продукты
openSUSE Leap 15.3:glibc-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-32bit-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-32bit-2.31-150300.9.12.1
Ссылки

Описание

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Затронутые продукты
openSUSE Leap 15.3:glibc-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-32bit-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-32bit-2.31-150300.9.12.1
Ссылки

Описание

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Затронутые продукты
openSUSE Leap 15.3:glibc-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-32bit-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-2.31-150300.9.12.1
openSUSE Leap 15.3:glibc-devel-32bit-2.31-150300.9.12.1
Ссылки
Уязвимость openSUSE-SU-2022:0330-1