[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#301135: libc6: libacl/libcrypto/libasound all have PT_GNU_STACK enabled on them in glibc 2.3.4-1

On Wed, Mar 23, 2005 at 06:10:44PM -0500, Brad Spengler wrote:
> Package: libc6
> Version: 2.3.4-1
> Severity: important
> 
> 
> libacl/libcrypto/libasound all have PT_GNU_STACK enabled on them in
> glibc 2.3.4-1, making them request an executable stack when none is
> needed.  This severely breaks a PaX system and effectively backdoors
> most applications on systems using exec-shield.
> 
> Here's the relevant readelf -e output for libacl.  It would be wise for
> debian to check all packages for these same kinds of problems now to
> avoid causing lots of problems later when glibc 2.3.4 goes into
> unstable.  Since this problem causes security features to be silently
> disabled in the case of exec-shield, it is a security issue in addition
> to a large usability problem in the case of PaX.
> 
> Program Headers:
>   Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz    Flg Align
>     LOAD           0x000000 0x00000000 0x00000000 0x051b6 0x051b6 R E 0x1000
>     LOAD           0x0051b8 0x000061b8 0x000061b8 0x001dc 0x001fc RW  0x1000
>     DYNAMIC        0x0051cc 0x000061cc 0x000061cc 0x000e0 0x000e0 RW  0x4
>     STACK          0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4

Why is this a bug in glibc 2.3.4?  Why is it even related to glibc
2.3.4?  Those libraries are not part of glibc.

-- 
Daniel Jacobowitz
CodeSourcery, LLC
Reply to: