glibc-2.17-326.3.0.1.el7.AXS7
Errata ID: AXSA:2024-8594:08
The glibc package contains standard libraries which are used by multiple
programs on the system. In order to save disk space and memory, as well as to
make upgrading easier, common system code is kept in one place and shared
between programs. This particular package contains the most important sets of
shared libraries: the standard C library and the standard math library. Without
these two libraries, a Linux system will not function.
Security Fix(es):
* CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1
* CVE-2021-35942: wordexp - handle overflow in positional parameter number
* CVE-2022-23218: Buffer overflow in sunrpc svcunix_create
* CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix"
CVE(s):
CVE-2021-3999
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
CVE-2021-35942
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
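The atoi-versus-strtoul point above, as an added example (not glibc's code or its patch): a bounds-checked parser for the number of a positional parameter. The helper name `parse_positional_index` and the `argc` limit are assumptions made for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example; parse_positional_index is a hypothetical helper, not glibc code.
 * Parses the decimal digits of a positional parameter and checks the result
 * against the number of available arguments. Returns 0 on success, -1 if the
 * input is rejected (index_out is left untouched in that case). */
int parse_positional_index(const char *digits, unsigned long argc,
                           unsigned long *index_out)
{
    char *end;
    unsigned long n;

    /* strtoul accepts leading whitespace and a sign; require a bare digit. */
    if (digits == NULL || !isdigit((unsigned char)digits[0]))
        return -1;

    errno = 0;
    n = strtoul(digits, &end, 10);

    /* atoi has undefined behaviour when the value does not fit in int;
     * strtoul reports overflow through errno == ERANGE. */
    if (errno == ERANGE)
        return -1;
    if (*end != '\0')   /* trailing non-digit characters */
        return -1;
    if (n >= argc)      /* would index past the argument vector */
        return -1;

    *index_out = n;
    return 0;
}

int main(void)
{
    /* Constructed inputs: in range, just out of range, too large for int,
     * and too large for unsigned long. */
    const char *samples[] = { "2", "3", "4294967297", "99999999999999999999999" };
    unsigned long idx;

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (parse_positional_index(samples[i], 3, &idx) == 0)
            printf("%s -> index %lu\n", samples[i], idx);
        else
            printf("%s -> rejected\n", samples[i]);
    }
    return 0;
}
```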
CVE-2022-23218
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
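The missing length validation described for CVE-2022-23218 and CVE-2022-23219, shown as an added example (not glibc's code or its patch): a caller-side helper that refuses any AF_UNIX path that does not fit in `sun_path` before it is copied. The helper name `fill_unix_addr` and the sample paths are assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Added example; fill_unix_addr is a hypothetical helper, not glibc code.
 * Fills *addr for an AF_UNIX path only when the path, including its
 * terminating NUL, fits in the fixed-size sun_path array.
 * Returns 0 on success, -1 with errno set when the path is rejected. */
int fill_unix_addr(struct sockaddr_un *addr, const char *path)
{
    size_t len;

    if (addr == NULL || path == NULL) {
        errno = EINVAL;
        return -1;
    }

    len = strlen(path);
    if (len >= sizeof addr->sun_path) {   /* no room for the NUL byte */
        errno = ENAMETOOLONG;
        return -1;
    }

    memset(addr, 0, sizeof *addr);
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, len + 1); /* length was checked above */
    return 0;
}

int main(void)
{
    struct sockaddr_un addr;
    char too_long[sizeof addr.sun_path + 1];

    /* Constructed input: exactly one byte longer than sun_path can hold. */
    memset(too_long, 'a', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    printf("short path: %d\n", fill_unix_addr(&addr, "/run/example.sock"));
    printf("long path:  %d\n", fill_unix_addr(&addr, too_long));
    return 0;
}
```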
Update packages.
N/A
Asianux Server 7 for x86_64
- glibc-2.17-326.3.0.1.el7.AXS7.i686.rpm
Size: 4.26 MB
- glibc-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 3.64 MB
- glibc-common-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 11.50 MB
- glibc-devel-2.17-326.3.0.1.el7.AXS7.i686.rpm
Size: 1.08 MB
- glibc-devel-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 1.08 MB
- glibc-headers-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 691.16 kB
- glibc-utils-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 229.56 kB
- nscd-2.17-326.3.0.1.el7.AXS7.x86_64.rpm
Size: 288.83 kB