-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.1881
       Moderate: glibc security, bug fix, and enhancement update
                               2 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           glibc
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-8779 CVE-2015-8778 CVE-2015-8777 CVE-2015-8776
                   CVE-2014-9761
Reference:         ASB-2016.0017 ESB-2017.1253 ESB-2017.1191 ESB-2016.1117
                   ESB-2016.0887 ESB-2016.0854 ESB-2016.0394

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2017:1916

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: glibc security, bug fix, and enhancement update
Advisory ID:       RHSA-2017:1916-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:1916
Issue date:        2017-08-01
CVE Names:         CVE-2014-9761 CVE-2015-8776 CVE-2015-8777 CVE-2015-8778
                   CVE-2015-8779
=====================================================================

1. Summary:

An update for glibc is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the name service
cache daemon (nscd) used by multiple programs on the system. Without these
libraries, the Linux system cannot function correctly.

Security Fix(es):

* A stack overflow vulnerability was found in nan* functions that could cause
  applications, which process long strings with the nan function, to crash or,
  potentially, execute arbitrary code. (CVE-2014-9761)

* It was found that out-of-range time values passed to the strftime()
  function could result in an out-of-bounds memory access. This could lead to
  application crash or, potentially, information disclosure. (CVE-2015-8776)

* An integer overflow vulnerability was found in hcreate() and hcreate_r()
  functions which could result in an out-of-bounds memory access. This could
  lead to application crash or, potentially, arbitrary code execution.
  (CVE-2015-8778)

* A stack based buffer overflow vulnerability was found in the catopen()
  function. An excessively long string passed to the function could cause it
  to crash or, potentially, execute arbitrary code. (CVE-2015-8779)

* It was found that the dynamic loader did not sanitize the LD_POINTER_GUARD
  environment variable. An attacker could use this flaw to bypass the pointer
  guarding protection on set-user-ID or set-group-ID programs to execute
  arbitrary code with the permissions of the user running the application.
  (CVE-2015-8777)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the glibc library must
be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

906468 - Deadlock in glibc between fork and malloc
1213603 - glibc: nss_db: get*ent crashes without preceding set*ent
1260581 - CVE-2015-8777 glibc: LD_POINTER_GUARD in the environment is not sanitized
1298975 - [RFE] Backport the groups merging feature
1300299 - CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data to strftime()
1300303 - CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
1300310 - CVE-2014-9761 glibc: Unbounded stack allocation in nan* functions
1300312 - CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
1318877 - Per C11 and C++11, <stdint.h> should not look at __STDC_LIMIT_MACROS or __STDC_CONSTANT_MACROS
1318890 - glibc: nss_db: long group entries are skipped
1322544 - Segmentation violation can occur within glibc if fork() is used in a multi-threaded application
1324568 - glibc: getent returns dud entry when nscd enabled
1325138 - glibc: Corrupted aux-cache causes ldconfig to segfault
1330705 - open() and openat() ignore 'mode' with O_TMPFILE on newer kernels
1338672 - glibc: GCC 6 enablement for struct sockaddr_storage
1366569 - glibc: default nsswitch.conf should not set initgroups
1370630 - glibc: nss_db: Endless loop in services database processing
1387874 - MSG_FASTOPEN definition missing
1392540 - glibc: default nsswitch.conf does not list sss for the automount service
1404435 - "yum update" on fresh installation of RHEL 7.0 or 7.1 PPC64 (updating to 7.3) results in various yum errors
1417205 - Missing AF_VSOCK <sys/socket.h> constant
1418978 - glibc: backport upstream support/ directory
1421155 - Update dynamic loader trampoline for Intel SSE, AVX, and AVX512 usage.
1439165 - glibc: SYS_getrandom definition missing on s390x

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
glibc-2.17-196.el7.src.rpm

x86_64:
glibc-2.17-196.el7.i686.rpm
glibc-2.17-196.el7.x86_64.rpm
glibc-common-2.17-196.el7.x86_64.rpm
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-devel-2.17-196.el7.i686.rpm
glibc-devel-2.17-196.el7.x86_64.rpm
glibc-headers-2.17-196.el7.x86_64.rpm
glibc-utils-2.17-196.el7.x86_64.rpm
nscd-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-static-2.17-196.el7.i686.rpm
glibc-static-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
glibc-2.17-196.el7.src.rpm

x86_64:
glibc-2.17-196.el7.i686.rpm
glibc-2.17-196.el7.x86_64.rpm
glibc-common-2.17-196.el7.x86_64.rpm
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-devel-2.17-196.el7.i686.rpm
glibc-devel-2.17-196.el7.x86_64.rpm
glibc-headers-2.17-196.el7.x86_64.rpm
glibc-utils-2.17-196.el7.x86_64.rpm
nscd-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-static-2.17-196.el7.i686.rpm
glibc-static-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
glibc-2.17-196.el7.src.rpm

aarch64:
glibc-2.17-196.el7.aarch64.rpm
glibc-common-2.17-196.el7.aarch64.rpm
glibc-debuginfo-2.17-196.el7.aarch64.rpm
glibc-devel-2.17-196.el7.aarch64.rpm
glibc-headers-2.17-196.el7.aarch64.rpm
glibc-utils-2.17-196.el7.aarch64.rpm
nscd-2.17-196.el7.aarch64.rpm

ppc64:
glibc-2.17-196.el7.ppc.rpm
glibc-2.17-196.el7.ppc64.rpm
glibc-common-2.17-196.el7.ppc64.rpm
glibc-debuginfo-2.17-196.el7.ppc.rpm
glibc-debuginfo-2.17-196.el7.ppc64.rpm
glibc-debuginfo-common-2.17-196.el7.ppc.rpm
glibc-debuginfo-common-2.17-196.el7.ppc64.rpm
glibc-devel-2.17-196.el7.ppc.rpm
glibc-devel-2.17-196.el7.ppc64.rpm
glibc-headers-2.17-196.el7.ppc64.rpm
glibc-utils-2.17-196.el7.ppc64.rpm
nscd-2.17-196.el7.ppc64.rpm

ppc64le:
glibc-2.17-196.el7.ppc64le.rpm
glibc-common-2.17-196.el7.ppc64le.rpm
glibc-debuginfo-2.17-196.el7.ppc64le.rpm
glibc-debuginfo-common-2.17-196.el7.ppc64le.rpm
glibc-devel-2.17-196.el7.ppc64le.rpm
glibc-headers-2.17-196.el7.ppc64le.rpm
glibc-utils-2.17-196.el7.ppc64le.rpm
nscd-2.17-196.el7.ppc64le.rpm

s390x:
glibc-2.17-196.el7.s390.rpm
glibc-2.17-196.el7.s390x.rpm
glibc-common-2.17-196.el7.s390x.rpm
glibc-debuginfo-2.17-196.el7.s390.rpm
glibc-debuginfo-2.17-196.el7.s390x.rpm
glibc-debuginfo-common-2.17-196.el7.s390.rpm
glibc-debuginfo-common-2.17-196.el7.s390x.rpm
glibc-devel-2.17-196.el7.s390.rpm
glibc-devel-2.17-196.el7.s390x.rpm
glibc-headers-2.17-196.el7.s390x.rpm
glibc-utils-2.17-196.el7.s390x.rpm
nscd-2.17-196.el7.s390x.rpm

x86_64:
glibc-2.17-196.el7.i686.rpm
glibc-2.17-196.el7.x86_64.rpm
glibc-common-2.17-196.el7.x86_64.rpm
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-devel-2.17-196.el7.i686.rpm
glibc-devel-2.17-196.el7.x86_64.rpm
glibc-headers-2.17-196.el7.x86_64.rpm
glibc-utils-2.17-196.el7.x86_64.rpm
nscd-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
glibc-debuginfo-2.17-196.el7.aarch64.rpm
glibc-static-2.17-196.el7.aarch64.rpm

ppc64:
glibc-debuginfo-2.17-196.el7.ppc.rpm
glibc-debuginfo-2.17-196.el7.ppc64.rpm
glibc-debuginfo-common-2.17-196.el7.ppc.rpm
glibc-debuginfo-common-2.17-196.el7.ppc64.rpm
glibc-static-2.17-196.el7.ppc.rpm
glibc-static-2.17-196.el7.ppc64.rpm

ppc64le:
glibc-debuginfo-2.17-196.el7.ppc64le.rpm
glibc-debuginfo-common-2.17-196.el7.ppc64le.rpm
glibc-static-2.17-196.el7.ppc64le.rpm

s390x:
glibc-debuginfo-2.17-196.el7.s390.rpm
glibc-debuginfo-2.17-196.el7.s390x.rpm
glibc-debuginfo-common-2.17-196.el7.s390.rpm
glibc-debuginfo-common-2.17-196.el7.s390x.rpm
glibc-static-2.17-196.el7.s390.rpm
glibc-static-2.17-196.el7.s390x.rpm

x86_64:
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-static-2.17-196.el7.i686.rpm
glibc-static-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
glibc-2.17-196.el7.src.rpm

x86_64:
glibc-2.17-196.el7.i686.rpm
glibc-2.17-196.el7.x86_64.rpm
glibc-common-2.17-196.el7.x86_64.rpm
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-devel-2.17-196.el7.i686.rpm
glibc-devel-2.17-196.el7.x86_64.rpm
glibc-headers-2.17-196.el7.x86_64.rpm
glibc-utils-2.17-196.el7.x86_64.rpm
nscd-2.17-196.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
glibc-debuginfo-2.17-196.el7.i686.rpm
glibc-debuginfo-2.17-196.el7.x86_64.rpm
glibc-debuginfo-common-2.17-196.el7.i686.rpm
glibc-debuginfo-common-2.17-196.el7.x86_64.rpm
glibc-static-2.17-196.el7.i686.rpm
glibc-static-2.17-196.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-9761
https://access.redhat.com/security/cve/CVE-2015-8776
https://access.redhat.com/security/cve/CVE-2015-8777
https://access.redhat.com/security/cve/CVE-2015-8778
https://access.redhat.com/security/cve/CVE-2015-8779
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZgMQrXlSAg2UNWIIRArAjAJ416CgnT+nXfArn26incJt4MX/PJwCbBN7H
ZiQuc6N6b66F9S0mAYi0ftI=
=jxWr
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made.
If downloading at a later date, it is recommended that the bulletin is
retrieved directly from the author's website to ensure that the information
is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWYFEI4x+lLeg9Ub1AQiZbhAApKfUhQUUw+YoM60XQ6Jl8ZRnBBcwskoS
s2nY9JAI1A6tGEzPnHXUoAmppwDQjfCgVkE3zWIZVWl41VigPYOYqhJfObdQGQi+
/WRoJ4LZbVbignWjwbH4QjRwlqo/ZJ0bFTB3eVmy8HJIhkC/XG3zHdyE3MuHouiq
gg+zxEObG8s+AXJXrM8K4JjwI+NHLT81wGtoQsTs1L6ODOeu8OZc4fqd38JlFID8
tp/XMPTsni5zzG2aVqxgKxT1/9R9uzrYzc1kHBrE1rmYQoju6l1hBadWVVN9Dqqh
yWf4zZXgeS4aWG3uMwbdBk+DxrRgJOIjD+3HbYeAgIMkq9OwrFeHxnD5V1FRykEa
Cskl/ju6RcbHhHFME0DJimkM3oySeoxWRyfkrMFL2h1cIkv+9b2BGB2Vx8/N807c
MUmc2bRhNUMHgAfI5W5fimQArKKXSJ7nOq6l1JPju9QGrgugO5QkGOxjj0J3kSb6
TTdc8QDSVDTx3FmloFQG1ONmdCEY6s9dpvwgS5o8W6Nfif2Rn4xIyYggFTxqtaO2
Anc2FpJH6q9F64BB2s44KLB8OR/tk5SehRvcT8fEfgJLRVXGnK74E6YC1sq+ZZxq
bdwdreMtnsz5XZY2f8n+Q8hF0zaJlS0bJMaTsYChJ4Na3lrulDkie/JCIkBg4uHt
mxL7BJ6WspQ=
=NCkY
-----END PGP SIGNATURE-----
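The two operational questions the included advisory raises are whether a host still runs a glibc build older than the fixed glibc-2.17-196.el7 (package list, section 6) and, once the RPM has been replaced, which services are still linked against the old library and need the restart that section 4 requires. The script below is an added example written for this bulletin; it is not Red Hat's or AusCERT's code. It assumes a simplified version comparison (numeric fields, no epoch, the el7 layout; a stand-in for rpm's own rpmvercmp), and it reads a constructed dump of `/proc/PID/maps` lines rather than a live host, relying on the kernel marking a mapping "(deleted)" once the file behind it has been replaced on disk.

```shell
#!/bin/sh
# Added example for RHSA-2017:1916 (ESB-2017.1881); not part of the advisory.
#   1. is the installed glibc older than the fixed build, glibc-2.17-196.el7?
#   2. after the RPM is replaced, which processes still map the old libc and
#      therefore need the restart that section 4 of the advisory calls for?
# Assumption: the version comparison is a simplified stand-in for rpmvercmp
# (no epoch, numeric fields, same "version-release.dist" layout as el7 builds).

FIXED_GLIBC="2.17-196.el7"   # version-release from the advisory package list

# rpm_lt A B -> exit status 0 when version-release A is older than B.
rpm_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = x[i]; q = y[i]
            if (p ~ /^[0-9]+$/ && q ~ /^[0-9]+$/) {
                if (p + 0 != q + 0) exit (p + 0 < q + 0) ? 0 : 1   # numeric field
            } else if (p != q) {
                exit (p < q) ? 0 : 1                                 # e.g. "el7"
            }
        }
        exit 1   # identical
    }'
}

# glibc_needs_update VERSION-RELEASE -> prints yes or no.
# On a live host feed it:  rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc
glibc_needs_update() {
    if rpm_lt "$1" "$FIXED_GLIBC"; then echo yes; else echo no; fi
}

# stale_libc_pids DUMP -> PIDs whose mapped libc file was replaced on disk.
# DUMP holds "PID <maps line>" records; on a live host build it with
#   for p in /proc/[0-9]*; do sed "s|^|${p#/proc/} |" "$p/maps"; done 2>/dev/null
# When yum replaces the RPM the old file is unlinked, and the kernel shows the
# still-mapped copy as "(deleted)" until the process is restarted.
stale_libc_pids() {
    printf '%s\n' "$1" | awk '/libc-[0-9.]*\.so.*\(deleted\)$/ { print $1 }' | sort -un
}

# Constructed sample dump: PIDs 1234 and 9012 still run the old libc,
# PID 5678 was restarted after the update.
SAMPLE_MAPS='1234 7f1c3a000000-7f1c3a1c2000 r-xp 00000000 fd:00 1193 /usr/lib64/libc-2.17.so (deleted)
1234 7f1c3a3c6000-7f1c3a3ca000 rw-p 001c2000 fd:00 1193 /usr/lib64/libc-2.17.so (deleted)
5678 7f9e2b000000-7f9e2b1c2000 r-xp 00000000 fd:00 2201 /usr/lib64/libc-2.17.so
9012 7f4d11000000-7f4d111c2000 r-xp 00000000 fd:00 1193 /usr/lib64/libc-2.17.so (deleted)'

main() {
    printf 'installed 2.17-157.el7 needs update: %s\n' "$(glibc_needs_update 2.17-157.el7)"
    printf 'installed 2.17-196.el7 needs update: %s\n' "$(glibc_needs_update 2.17-196.el7)"
    printf 'processes still on the replaced libc: %s\n' \
        "$(stale_libc_pids "$SAMPLE_MAPS" | tr '\n' ' ')"
}
main
```

A process listed by `stale_libc_pids` has loaded the pre-update library into memory and keeps executing it until restarted, which is why the advisory's section 4 requires restarting every service linked to glibc or rebooting; on a real fleet the PID list maps back to unit names through `ps` or `systemctl status`, and a reboot is the simplest way to clear it for a library as widely used as libc.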