|From:||Steve Beattie <firstname.lastname@example.org>|
|Subject:||[USN-1396-1] GNU C Library vulnerabilities|
|Date:||Fri, 9 Mar 2012 10:30:30 -0800|
========================================================================== Ubuntu Security Notice USN-1396-1 March 09, 2012 eglibc, glibc vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Multiple vulnerabilities were discovered and fixed in the GNU C Library. Software Description: - eglibc: Embedded GNU C Library: sources - glibc: GNU C Library: Documentation Details: It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. (CVE-2009-5029) It was discovered that the GNU C Library did not properly handle passwd.adjunct.byname map entries in the Network Information Service (NIS) code in the name service caching daemon (nscd). An attacker could use this to obtain the encrypted passwords of NIS accounts. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-0015) Chris Evans reported that the GNU C Library did not properly calculate the amount of memory to allocate in the fnmatch() code. An attacker could use this to cause a denial of service or possibly execute arbitrary code via a maliciously crafted UTF-8 string. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2011-1071) Tomas Hoger reported that an additional integer overflow was possible in the GNU C Library fnmatch() code. An attacker could use this to cause a denial of service via a maliciously crafted UTF-8 string. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1659) Dan Rosenberg discovered that the addmntent() function in the GNU C Library did not report an error status for failed attempts to write to the /etc/mtab file. This could allow an attacker to corrupt /etc/mtab, possibly causing a denial of service or otherwise manipulate mount options. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1089) Harald van Dijk discovered that the locale program included with the GNU C library did not properly quote its output. This could allow a local attacker to possibly execute arbitrary code using a crafted localization string that was evaluated in a shell script. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2011-1095) It was discovered that the GNU C library loader expanded the $ORIGIN dynamic string token when RPATH is composed entirely of this token. This could allow an attacker to gain privilege via a setuid program that had this RPATH value. (CVE-2011-1658) It was discovered that the GNU C library implementation of memcpy optimized for Supplemental Streaming SIMD Extensions 3 (SSSE3) contained a possible integer overflow. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2011-2702) John Zimmerman discovered that the Remote Procedure Call (RPC) implementation in the GNU C Library did not properly handle large numbers of connections. This could allow a remote attacker to cause a denial of service. (CVE-2011-4609) It was discovered that the GNU C Library vfprintf() implementation contained a possible integer overflow in the format string protection code offered by FORTIFY_SOURCE. An attacker could use this flaw in conjunction with a format string vulnerability to bypass the format string protection and possibly execute arbitrary code. (CVE-2012-0864) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libc6 2.13-20ubuntu5.1 Ubuntu 11.04: libc6 2.13-0ubuntu13.1 Ubuntu 10.10: libc-bin 2.12.1-0ubuntu10.4 libc6 2.12.1-0ubuntu10.4 Ubuntu 10.04 LTS: libc-bin 2.11.1-0ubuntu7.10 libc6 2.11.1-0ubuntu7.10 Ubuntu 8.04 LTS: libc6 2.7-10ubuntu8.1 After a standard system update you need to restart all services or reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1396-1 CVE-2009-5029, CVE-2010-0015, CVE-2011-1071, CVE-2011-1089, CVE-2011-1095, CVE-2011-1658, CVE-2011-1659, CVE-2011-2702, CVE-2011-4609, CVE-2012-0864 Package Information: https://launchpad.net/ubuntu/+source/eglibc/2.13-20ubuntu5.1 https://launchpad.net/ubuntu/+source/eglibc/2.13-0ubuntu13.1 https://launchpad.net/ubuntu/+source/eglibc/2.12.1-0ubunt... https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubunt... https://launchpad.net/ubuntu/+source/glibc/2.7-10ubuntu8.1 -- ubuntu-security-announce mailing list email@example.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds