[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 316-1] eglibc security update

Package        : eglibc
Version        : 2.11.3-4+deb6u7
CVE ID         : CVE-2014-8121
Bug-Reference  : 779587

Several vulnerabilities have been discovered in eglibc that
may lead to a privilege escalation or denial of service.

Glibc pointer guarding weakness

   A weakness in the dynamic loader prior has been found.  The issue is
   that the LD_POINTER_GUARD in the environment is not sanitized
   allowing local attackers easily to bypass the pointer guarding
   protection on set-user-ID and set-group-ID programs.

Potential application crash due to overread in fnmatch

   When processing certain malformed patterns, fnmatch can skip over the
   NUL byte terminating the pattern.  This can potentially result in an
   application crash if fnmatch hits an unmapped page before
   encountering a NUL byte.

_IO_wstr_overflow integer overflow

   A miscalculation in _IO_wstr_overflow could potentially be exploited
   to overflow a buffer.


   DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS)
   in GNU C Library (aka glibc or libc6) 2.21 and earlier does not
   properly check if a file is open, which allows remote attackers to
   cause a denial of service (infinite loop) by performing a look-up
   while the database is iterated over the database, which triggers the
   file pointer to be reset.

For the oldoldstable distribution (squeeze), these problems have been fixed
in version 2.11.3-4+deb6u7.

We recommend that you update your packages.

Attachment: signature.asc
Description: Digital signature

Reply to: