Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 534
Alerts This Week
Warning Icon 1 534

Fedora 39 glibc Security Advisory: RCE Risk Mitigated by Fixes

fedora
Calendar Grey April 20, 2024
Dist Fedora Esm H88
Keep your system secure with the latest updates from Fedora 39, featuring glibc enhancements that tackle significant security vulnerabilities and improve overall performance. Update today!
This update includes several bug fixes from the upstream glibc release branch, including a fix for CVE-2024-2961.

Summary

The glibc package contains standard libraries which are used by

multiple programs on the system. In order to save disk space and

memory, as well as to make upgrading easier, common system code is

kept in one place and shared between programs. This particular package

contains the most important sets of shared libraries: the standard C

library and the standard math library. Without these two libraries, a

Linux system will not function.

Update Information:

This update includes several bug fixes from the upstream glibc release branch, including a fix for CVE-2024-2961.

Change Log

* Thu Apr 18 2024 Arjun Shankar - 2.38-18 - Auto-sync with upstream branch release/2.38/master, commit e1135387deded5d73924f6ca20c72a35dc8e1bda: - iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961) - powerpc: Fix ld.so address determination for PCREL mode (bug 31640) - AArch64: Check kernel version for SVE ifuncs - aarch64: fix check for SVE support in assembler - aarch64: correct CFI in rawmemchr (bug 31113) - AArch64: Remove Falkor memcpy - AArch64: Add memset_zva64 - AArch64: Cleanup emag memset - AArch64: Cleanup ifuncs - AArch64: Add support for MOPS memcpy/memmove/memset - Add HWCAP2_MOPS from Linux 6.5 to AArch64 bits/hwcap.h - LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf

References


[ 1 ] Bug #2275855 - CVE-2024-2961 glibc: Out of bounds write in iconv may lead to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275855

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-9be1b94714' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: glibc
Product: Fedora 39
Version: 2.38
Release: 18.fc39
URL:
Summary: The GNU libc libraries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.