Debian: DSA-3169-1: eglibc security update

    Date23 Feb 2015
    CategoryDebian
    69
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library: CVE-2012-3406
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - ----------------------------------------------------------------------
    Debian Security Advisory DSA-3169-1                This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                         Aurelien Jarno
    February 23, 2015                   http://www.debian.org/security/faq
    - ----------------------------------------------------------------------
    
    Package        : eglibc
    CVE ID         : CVE-2012-3406 CVE-2013-7424 CVE-2014-4043 CVE-2014-9402
                     CVE-2015-1472 CVE-2015-1473
    Debian Bug     : 681888 751774 775572 777197
    
    Several vulnerabilities have been fixed in eglibc, Debian's version of
    the GNU C library:
    
    CVE-2012-3406
        The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka
        glibc) 2.5, 2.12, and probably other versions does not "properly restrict
        the use of" the alloca function when allocating the SPECS array, which
        allows context-dependent attackers to bypass the FORTIFY_SOURCE
        format-string protection mechanism and cause a denial of service (crash)
        or possibly execute arbitrary code via a crafted format string using
        positional parameters and a large number of format specifiers, a different
        vulnerability than CVE-2012-3404 and CVE-2012-3405.
    
    CVE-2013-7424
        An invalid free flaw was found in glibc's getaddrinfo() function when used
        with the AI_IDN flag. A remote attacker able to make an application call
        this function could use this flaw to execute arbitrary code with the
        permissions of the user running the application. Note that this flaw only
        affected applications using glibc compiled with libidn support.
    
    CVE-2014-4043
        The posix_spawn_file_actions_addopen function in glibc before 2.20 does not
        copy its path argument in accordance with the POSIX specification, which
        allows context-dependent attackers to trigger use-after-free
        vulnerabilities.
    
    CVE-2014-9402
        The getnetbyname function in glibc 2.21 in earlier will enter an infinite
        loop if the DNS backend is activated in the system Name Service Switch
        configuration, and the DNS resolver receives a positive answer while
        processing the network name.
    
    CVE-2015-1472
    CVE-2015-1473
        Under certain conditions wscanf can allocate too little memory for the
        to-be-scanned arguments and overflow the allocated buffer. The incorrect
        use of "__libc_use_alloca (newsize)" caused a different (and weaker)
        policy to be enforced which could allow a denial of service attack.
    
    For the unstable distribution (sid), all the above issues are fixed in version
    2.19-15 of the glibc package.
    
    We recommend that you upgrade your eglibc packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"15","type":"x","order":"1","pct":53.57,"resources":[]},{"id":"88","title":"Should be more technical","votes":"4","type":"x","order":"2","pct":14.29,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"9","type":"x","order":"3","pct":32.14,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.