glibc-2.17-326.el7.3

エラータID: AXSA:2024-8129:05

Release date: 
Friday, June 7, 2024 - 10:56
Subject: 
glibc-2.17-326.el7.3
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the name service
cache daemon (nscd) used by multiple programs on the system. Without these
libraries, the Linux system cannot function correctly.

Security Fix(es):

* glibc: Out of bounds write in iconv may lead to remote code execution

(CVE-2024-2961)

* glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599)
* glibc: null pointer dereferences after failed netgroup cache insertion

(CVE-2024-33600)

* glibc: netgroup cache may terminate daemon on memory allocation failure

(CVE-2024-33601)

* glibc: netgroup cache assumes NSS callback uses in-buffer strings

(CVE-2024-33602)

For more details about the security issue(s), including the impact,
a CVSS score, acknowledgments, and other related information, refer
to the CVE page(s) listed in the References section.

CVE-2024-2961

CVE-2024-33599

CVE-2024-33600

CVE-2024-33601

CVE-2024-33602

Solution: 

Update packages.

CVEs: 
CVE-2024-2961
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
CVE-2024-33599
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
CVE-2024-33600
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
CVE-2024-33601
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
CVE-2024-33602
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
Additional Info: 

N/A

Download: 

SRPMS
  1. glibc-2.17-326.el7.3.src.rpm
    MD5: 83a65987253cfc37bd405010dabae24e
    SHA-256: 40159ac74a401d57dcbf718357d6b6edbc4d1c64047bdae5e186ddbb75b39fb0
    Size: 25.22 MB

Asianux Server 7 for x86_64
  1. glibc-2.17-326.el7.3.i686.rpm
    MD5: 6067579475372adf2fcfbe51962b3559
    SHA-256: 5d3e4b88429be7684469118487c6d8b03c58b6f1e542f0cbeff4e85c241ace7f
    Size: 4.26 MB
  2. glibc-2.17-326.el7.3.x86_64.rpm
    MD5: fc28021a0dc900892ab5f16b0bb310fb
    SHA-256: 1fda3729a69f69b7b46301a345ac3a9f9b1abfbeab0d31e5a0b2f109ac866361
    Size: 3.64 MB
  3. glibc-common-2.17-326.el7.3.x86_64.rpm
    MD5: 826024cdb6e66da5890cabcf159bc611
    SHA-256: 9f9c5eb9622724aeb84fe66bc72c053bb9bca9b7703efd5ed65a14792a1b9eda
    Size: 11.50 MB
  4. glibc-devel-2.17-326.el7.3.i686.rpm
    MD5: cfdd3a3acd617f274b1db790f64db5a9
    SHA-256: cd7c6d151dcd073e0500091218af60acd133678b0489e473313c009c591fe534
    Size: 1.08 MB
  5. glibc-devel-2.17-326.el7.3.x86_64.rpm
    MD5: e269a2a5d04a2374ea3489c4748f28db
    SHA-256: 30fa155bb2207ad5020c67d9929bd157077249dd184b9bad10462754b92398de
    Size: 1.08 MB
  6. glibc-headers-2.17-326.el7.3.x86_64.rpm
    MD5: 51272bfb2a655ff65af771a5c0f8c2bf
    SHA-256: 99ff2ec92e7975f9329cebc87473bb350136b06d541313033f8b1b2e860293a0
    Size: 690.66 kB
  7. glibc-utils-2.17-326.el7.3.x86_64.rpm
    MD5: e5f744b26fcf2b54dcd3329419a1f8f1
    SHA-256: a9c38bf81ffccafea17fd2773e1d24c32ffb1021635f5753ca4845acae273c51
    Size: 229.10 kB
  8. nscd-2.17-326.el7.3.x86_64.rpm
    MD5: 77efb5281ad05a925cba9f3d98c8339d
    SHA-256: 316aa497db7fab4071ba26246ba6eb63f17b01f70c7330a475765111de026183
    Size: 288.34 kB