Errata ALT-PU-2019-3114-1: Information
Fixes
Published: April 12, 2018
BDU:2019-00571
Уязвимость функции getaddrinfo библиотеки libc6, позволяющая нарушителю вызвать исчерпание оперативной памяти в целевой системе
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 16, 2019
BDU:2019-00682
Уязвимость функции the __memmove_avx_unaligned_erms библиотеки, обеспечивающей системные вызовы и основные функции glibc, позволяющая нарушителю вызвать сбой в работе приложения
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Links:
Published: Nov. 27, 2018
BDU:2019-01066
Уязвимость функции memcmp библиотеки GNU C (glibc), связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 12, 2019
BDU:2019-01242
Уязвимость функции proceed_next_node в библиотеке GNU C, связанная с возможностью чтения за границей буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 17, 2018
BDU:2019-01772
Уязвимость реализации функции mempcpy библиотеки, обеспечивающей системные вызовы и основные функции glibc, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 4, 2018
BDU:2019-01773
Уязвимость функции mempcpy библиотеки, обеспечивающей системные вызовы и основные функции glibc, позволяющая нарушителю выполнить произвольный код
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 25, 2019
BDU:2020-04530
Уязвимость библиотеки glibc, связанная с неконтролируемой рекурсии при поиске совпадений по регулярному выражению, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 4, 2009
BDU:2021-05821
Уязвимость функции parse_reg_exp библиотеки glibc, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 26, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2009-5155
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=18986
- https://sourceware.org/bugzilla/show_bug.cgi?id=11053
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793
- http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
- https://security.netapp.com/advisory/ntap-20190315-0002/
- https://support.f5.com/csp/article/K64119434
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672
- https://support.f5.com/csp/article/K64119434?utm_source=f5support&amp%3Butm_medium=RSS
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: March 20, 2017
Modified: March 31, 2020
Modified: March 31, 2020
CVE-2015-8985
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 21, 2019
Modified: Aug. 6, 2019
Modified: Aug. 6, 2019
CVE-2016-10739
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Links:
Published: May 18, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=22786
- 104255
- RHSA-2018:3092
- https://security.netapp.com/advisory/ntap-20190401-0001/
- https://security.netapp.com/advisory/ntap-20190329-0001/
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- RHBA-2019:0327
- USN-4416-1
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2
Published: May 18, 2018
Modified: Sept. 14, 2022
Modified: Sept. 14, 2022
CVE-2018-11237
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 4, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-19591
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=23927
- 1042174
- 106037
- GLSA-201903-09
- https://security.netapp.com/advisory/ntap-20190321-0003/
- GLSA-201908-06
- USN-4416-1
- https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD
- FEDORA-2018-f6b7df660d
- FEDORA-2018-060302dc83
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408
Published: Feb. 26, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-20796
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 18, 2019
Modified: June 13, 2020
Modified: June 13, 2020
CVE-2019-6488
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 3, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-7309
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 26, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=24114
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140
- 107160
- https://security.netapp.com/advisory/ntap-20190315-0002/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10278
- https://support.f5.com/csp/article/K54823184
- GLSA-202006-04
- USN-4416-1
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9
Published: Feb. 26, 2019
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2019-9192
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links: