glibc-2.17-326.99.0.1.el7.AXS7
エラータID: AXSA:2025-10920:15
リリース日:
2025/10/03 Friday - 11:55
題名:
glibc-2.17-326.99.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- glibc の posix/regexec.c:内の procees_next_code 関数には、
大文字小文字を区別しない正規表現の一致を試みることにより、
ヒープベースのバッファーオーバーリードが発生する脆弱性があります。
(CVE-2019-9169)
- glibc には、任意の検索パスの埋め込みを許容してしまう問題が
あるため、ローカルの攻撃者により、情報の漏洩を可能とする脆弱性が
存在します。(CVE-2025-4802)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-4802
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- glibc-2.17-326.99.0.1.el7.AXS7.i686.rpm
MD5: a52e6be184b1e3f1a64df5fd1d94a3d2
SHA-256: ab359fd62447b444f40874ca3b1c457c2f5e0ec3ec51112f1a6cfb8f212acca8
Size: 4.26 MB - glibc-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: b55c7814f09a3ab2905f05492a7b57f4
SHA-256: 5af08cb86dc7a3422605992775e7d05814c9300a743ab6833e455e403cc04558
Size: 3.64 MB - glibc-common-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: 29a31b7bf4c0ef85c27fb8fc5adb8964
SHA-256: a2c56b2cadf5007cd59cb94f74f339d7b207573300e30a5debfb6379ee26a980
Size: 11.50 MB - glibc-devel-2.17-326.99.0.1.el7.AXS7.i686.rpm
MD5: 9dcd9d8c60fbe834b36e63c85d5ff9c2
SHA-256: 2dc06015873ec75b892310bf1d5ba6b6320f348a7357f7053a8a9ad080ae81fb
Size: 1.08 MB - glibc-devel-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: b421b9b19f837f03de82d865841aaf45
SHA-256: 9937efef5cf5b1984e45959187762aa50496f55ad618da8491cbe1bad4e3baf0
Size: 1.08 MB - glibc-headers-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: 0ec05ebdb3f1058bbfee6aaa1724f5bf
SHA-256: ed9ae3c15bf7297469adbf545a17d7f28ca38989f9fc956dbd503856111da763
Size: 691.64 kB - glibc-utils-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: 9bfea16005f134b49609e2d1558a75de
SHA-256: ed41657c7e4ba0681472a3fb34a0a2b61c660ca78309ad865542d4a4d0dc2198
Size: 230.07 kB - nscd-2.17-326.99.0.1.el7.AXS7.x86_64.rpm
MD5: ea5c116c251d9e6b54a8eb8c184b92e0
SHA-256: 6e326c504c539fddb186a00a1c22e544eeed1aa8ed9d75cdc40b6d3d839a8563
Size: 289.33 kB
English