[arch-security] [ASA-201605-19] glibc: multiple issues
Arch Linux Security Advisory ASA-201605-19 ========================================== Severity: Medium Date : 2016-05-13 CVE-ID : CVE-2016-1234 CVE-2016-3706 Package : glibc Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package glibc before version 2.23-4 is vulnerable to denial of service and possibly arbitrary code execution. Resolution ========== Upgrade to 2.23-4. # pacman -Syu "glibc>=2.23-4" The problems have been fixed upstream but no release is available yet. Workaround ========== None. Description =========== - CVE-2016-1234 (arbitrary code execution) It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOB_ALTDIRFUNC is used, causing a large stack-based buffer overflow with controlled length and content. - CVE-2016-3706 (denial of service) A stack (frame) overflow flaw, which could lead to a denial of service (application crash), was found in the way glibc's getaddrinfo() function processed certain requests when called with AF_INET or AF_INET6. Impact ====== A remote attacker is able to perform a denial of service attack via a vulnerability in the getaddrinfo() function. Furthermore a local attacker may be able to execute arbitrary code via a buffer overflow when GLOB_ALTDIRFUNC is used. References ========== https://access.redhat.com/security/cve/CVE-2016-1234 https://access.redhat.com/security/cve/CVE-2016-3706 https://sourceware.org/bugzilla/show_bug.cgi?id=19779 https://sourceware.org/bugzilla/show_bug.cgi?id=20010
participants (1)
-
Levente Polyak