Security update for glibc SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0494-1 Final 1 1 2018-02-20T12:28:02Z current 2018-02-20T12:28:02Z 2018-02-20T12:28:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for glibc This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string (bsc#1037930) - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes (bsc#1051791) - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc functions (bsc#1079036) - CVE-2018-1000001: Avoid underflow of malloced area (bsc#1074293) Non security bugs fixed: - Release read lock after resetting timeout (bsc#1073990) This update was imported from the SUSE:SLE-12-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html E-Mail link for openSUSE-SU-2018:0494-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 glibc-2.22-13.2 glibc-32bit-2.22-13.2 glibc-devel-2.22-13.2 glibc-devel-32bit-2.22-13.2 glibc-devel-static-2.22-13.2 glibc-devel-static-32bit-2.22-13.2 glibc-extra-2.22-13.2 glibc-html-2.22-13.2 glibc-i18ndata-2.22-13.2 glibc-info-2.22-13.2 glibc-locale-2.22-13.2 glibc-locale-32bit-2.22-13.2 glibc-obsolete-2.22-13.2 glibc-profile-2.22-13.2 glibc-profile-32bit-2.22-13.2 glibc-testsuite-2.22-13.2 glibc-utils-2.22-13.2 glibc-utils-32bit-2.22-13.2 nscd-2.22-13.2 glibc-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-devel-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-devel-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-devel-static-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-devel-static-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-extra-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-html-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-i18ndata-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-info-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-locale-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-locale-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-obsolete-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-profile-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-profile-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-testsuite-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-utils-2.22-13.2 as a component of openSUSE Leap 42.3 glibc-utils-32bit-2.22-13.2 as a component of openSUSE Leap 42.3 nscd-2.22-13.2 as a component of openSUSE Leap 42.3 The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. CVE-2017-12132 openSUSE Leap 42.3:glibc-2.22-13.2 openSUSE Leap 42.3:glibc-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-2.22-13.2 openSUSE Leap 42.3:glibc-devel-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-extra-2.22-13.2 openSUSE Leap 42.3:glibc-html-2.22-13.2 openSUSE Leap 42.3:glibc-i18ndata-2.22-13.2 openSUSE Leap 42.3:glibc-info-2.22-13.2 openSUSE Leap 42.3:glibc-locale-2.22-13.2 openSUSE Leap 42.3:glibc-locale-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-obsolete-2.22-13.2 openSUSE Leap 42.3:glibc-profile-2.22-13.2 openSUSE Leap 42.3:glibc-profile-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-testsuite-2.22-13.2 openSUSE Leap 42.3:glibc-utils-2.22-13.2 openSUSE Leap 42.3:glibc-utils-32bit-2.22-13.2 openSUSE Leap 42.3:nscd-2.22-13.2 low Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html https://www.suse.com/security/cve/CVE-2017-12132.html CVE-2017-12132 https://bugzilla.suse.com/1051791 SUSE Bug 1051791 https://bugzilla.suse.com/1089314 SUSE Bug 1089314 ** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references] CVE-2017-8804 openSUSE Leap 42.3:glibc-2.22-13.2 openSUSE Leap 42.3:glibc-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-2.22-13.2 openSUSE Leap 42.3:glibc-devel-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-extra-2.22-13.2 openSUSE Leap 42.3:glibc-html-2.22-13.2 openSUSE Leap 42.3:glibc-i18ndata-2.22-13.2 openSUSE Leap 42.3:glibc-info-2.22-13.2 openSUSE Leap 42.3:glibc-locale-2.22-13.2 openSUSE Leap 42.3:glibc-locale-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-obsolete-2.22-13.2 openSUSE Leap 42.3:glibc-profile-2.22-13.2 openSUSE Leap 42.3:glibc-profile-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-testsuite-2.22-13.2 openSUSE Leap 42.3:glibc-utils-2.22-13.2 openSUSE Leap 42.3:glibc-utils-32bit-2.22-13.2 openSUSE Leap 42.3:nscd-2.22-13.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html https://www.suse.com/security/cve/CVE-2017-8804.html CVE-2017-8804 https://bugzilla.suse.com/1037559 SUSE Bug 1037559 https://bugzilla.suse.com/1037930 SUSE Bug 1037930 In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. CVE-2018-1000001 openSUSE Leap 42.3:glibc-2.22-13.2 openSUSE Leap 42.3:glibc-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-2.22-13.2 openSUSE Leap 42.3:glibc-devel-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-extra-2.22-13.2 openSUSE Leap 42.3:glibc-html-2.22-13.2 openSUSE Leap 42.3:glibc-i18ndata-2.22-13.2 openSUSE Leap 42.3:glibc-info-2.22-13.2 openSUSE Leap 42.3:glibc-locale-2.22-13.2 openSUSE Leap 42.3:glibc-locale-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-obsolete-2.22-13.2 openSUSE Leap 42.3:glibc-profile-2.22-13.2 openSUSE Leap 42.3:glibc-profile-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-testsuite-2.22-13.2 openSUSE Leap 42.3:glibc-utils-2.22-13.2 openSUSE Leap 42.3:glibc-utils-32bit-2.22-13.2 openSUSE Leap 42.3:nscd-2.22-13.2 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html https://www.suse.com/security/cve/CVE-2018-1000001.html CVE-2018-1000001 https://bugzilla.suse.com/1074293 SUSE Bug 1074293 https://bugzilla.suse.com/1099047 SUSE Bug 1099047 An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. CVE-2018-6485 openSUSE Leap 42.3:glibc-2.22-13.2 openSUSE Leap 42.3:glibc-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-2.22-13.2 openSUSE Leap 42.3:glibc-devel-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-extra-2.22-13.2 openSUSE Leap 42.3:glibc-html-2.22-13.2 openSUSE Leap 42.3:glibc-i18ndata-2.22-13.2 openSUSE Leap 42.3:glibc-info-2.22-13.2 openSUSE Leap 42.3:glibc-locale-2.22-13.2 openSUSE Leap 42.3:glibc-locale-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-obsolete-2.22-13.2 openSUSE Leap 42.3:glibc-profile-2.22-13.2 openSUSE Leap 42.3:glibc-profile-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-testsuite-2.22-13.2 openSUSE Leap 42.3:glibc-utils-2.22-13.2 openSUSE Leap 42.3:glibc-utils-32bit-2.22-13.2 openSUSE Leap 42.3:nscd-2.22-13.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html https://www.suse.com/security/cve/CVE-2018-6485.html CVE-2018-6485 https://bugzilla.suse.com/1079036 SUSE Bug 1079036 The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. CVE-2018-6551 openSUSE Leap 42.3:glibc-2.22-13.2 openSUSE Leap 42.3:glibc-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-2.22-13.2 openSUSE Leap 42.3:glibc-devel-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-2.22-13.2 openSUSE Leap 42.3:glibc-devel-static-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-extra-2.22-13.2 openSUSE Leap 42.3:glibc-html-2.22-13.2 openSUSE Leap 42.3:glibc-i18ndata-2.22-13.2 openSUSE Leap 42.3:glibc-info-2.22-13.2 openSUSE Leap 42.3:glibc-locale-2.22-13.2 openSUSE Leap 42.3:glibc-locale-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-obsolete-2.22-13.2 openSUSE Leap 42.3:glibc-profile-2.22-13.2 openSUSE Leap 42.3:glibc-profile-32bit-2.22-13.2 openSUSE Leap 42.3:glibc-testsuite-2.22-13.2 openSUSE Leap 42.3:glibc-utils-2.22-13.2 openSUSE Leap 42.3:glibc-utils-32bit-2.22-13.2 openSUSE Leap 42.3:nscd-2.22-13.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html https://www.suse.com/security/cve/CVE-2018-6551.html CVE-2018-6551 https://bugzilla.suse.com/1079036 SUSE Bug 1079036