Fedora 41: glibc 2025-e489437b3d critical: string clobber DoS

fedora
June 25, 2025
Essential modifications to glibc in Fedora 41 tackle stability issues and improve efficiency across multiple CPU architectures.

Summary

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function.

Update Information:

This update contains the following bug fixes and enhancements:

* String function register clobbers specific to POWER10 machines (CVE-2025-5702, CVE-2025-5745)
* Crashes in TLS management when auditors are used (rhbz#2330213)
* Optimizations for x86-64 CPUs
* Optimizations for AArch64 CPUs

Change Log

* Sat Jun 21 2025 Florian Weimer - 2.40-26
- Remove glibc-rh1889892-*.patch, now backported upstream.
- Auto-sync with upstream branch release/2.40/master, commit dbc83657e290bdad3245259be80fb84cbe10304c:
- ppc64le: Revert "powerpc: Optimized strcmp for power10" (CVE-2025-5702)
- ppc64le: Revert "powerpc : Add optimized memchr for POWER10" (Bug 33059)
- ppc64le: Revert "powerpc: Fix performance issues of strcmp power10" (CVE-2025-5702)
- ppc64le: Revert "powerpc: Optimized strncmp for power10" (CVE-2025-5745)
- elf: Keep using minimal malloc after early DTV resize (bug 32412)
- libio: Fix a deadlock after fork in popen
- x86: Detect Intel Diamond Rapids
- x86: Handle unknown Intel processor with default tuning
- x86: Add ARL/PTL/CWF model detection support
- x86: Optimize xstate size calculation
- x86: Use `Avoid_Non_Temporal_Memset` to control non-temporal path
- x86: Use separate variable for TLSDESC XSAVE/XSAVEC state size (bug 32810)
- x86: Skip XSAVE state size reset if ISA level requires XSAVE
- x86_64: Add atanh with FMA
- x86_64: Add sinh with FMA
- x86_64: Add tanh with FMA
- nptl: clear the whole rseq area before registration
- math: Improve layout of exp/exp10 data
- AArch64: Use prefer_sve_ifuncs for SVE memset
- AArch64: Add SVE memset
- math: Improve layout of expf data
- AArch64: Remove zva_128 from memset
- AArch64: Optimize memset
- AArch64: Improve generic strlen
- AArch64: Improve codegen for SVE powf
- AArch64: Improve codegen for SVE pow
- AArch64: Improve codegen for SVE erfcf
- Aarch64: Improve codegen in SVE exp and users, and update expf_inline
- Aarch64: Improve codegen in SVE asinh
- AArch64: Improve codegen in SVE expm1f and users
- AArch64: Improve codegen for SVE log1pf users
- AArch64: Improve codegen for SVE logs
- AArch64: Improve codegen in SVE tans
- AArch64: Improve codegen in AdvSIMD asinh
- AArch64: Improve codegen of AdvSIMD expf family
- AArch64: Improve codegen of AdvSIMD atan(2)(f)
- AArch64: Improve codegen of AdvSIMD logf function family
- AArch64: Improve codegen in users of ADVSIMD log1p helper
- AArch64: Improve codegen in AdvSIMD logs
- AArch64: Improve codegen in AdvSIMD pow
- AArch64: Remove SVE erf and erfc tables
- AArch64: Small optimisation in AdvSIMD erf and erfc
- AArch64: Simplify rounding-multiply pattern in several AdvSIMD routines
- AArch64: Improve codegen in users of ADVSIMD expm1f helper
- AArch64: Improve codegen in users of AdvSIMD log1pf helper
- AArch64: Improve codegen in SVE F32 logs
- AArch64: Improve codegen in SVE expf & related routines
- aarch64: Avoid redundant MOVs in AdvSIMD F32 logs
- math: Add optimization barrier to ensure a1 + u.d is not reused [BZ #30664]

References

[ 1 ] Bug #2330213 - ld.so calls realloc on a DTV which wasn't allocated with malloc
      https://bugzilla.redhat.com/show_bug.cgi?id=2330213
[ 2 ] Bug #2370506 - CVE-2025-5702 glibc: From CVEorg collector [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2370506
[ 3 ] Bug #2370511 - CVE-2025-5745 glibc: From CVEorg collector [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2370511

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e489437b3d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
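
To confirm a host actually carries the fixed build after upgrading, the following check can be used. It is an added example, not part of the Fedora advisory; the function names and status labels are hypothetical, and it assumes GNU `sort -V` ordering is close enough to RPM's version comparison for same-branch Fedora 41 builds.

```sh
#!/bin/sh
# Added example: classify a host against advisory FEDORA-2025-e489437b3d.
# Fixed build taken from the advisory: Version 2.40, Release 26.fc41.
FIXED_VR="2.40-26.fc41"

# vr_at_least INSTALLED FIXED -> exit 0 when INSTALLED >= FIXED.
# Assumption: GNU `sort -V` stands in for RPM's own comparison, which is
# adequate for builds of the form 2.40-N.fc41.
vr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# classify ARCH VERSION-RELEASE -> prints one status label (hypothetical names):
#   fixed        build is at or past 2.40-26.fc41
#   cve-exposed  ppc64le build older than the fix; the POWER10 string routines
#                behind CVE-2025-5702 / CVE-2025-5745 are not yet reverted
#   outdated     other architecture; the CVEs are POWER10-specific, but the
#                TLS/auditor crash fix and the other changes are still missing
# The CPU generation is not probed, so every ppc64le host counts as in scope.
classify() {
    arch=$1
    vr=$2
    if vr_at_least "$vr" "$FIXED_VR"; then
        echo fixed
    elif [ "$arch" = "ppc64le" ]; then
        echo cve-exposed
    else
        echo outdated
    fi
}

# Live check for an rpm-based host. With multilib installs (several glibc
# packages), the lowest installed build decides the result.
check_host() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found"; return 2; }
    rpm -q glibc >/dev/null 2>&1 || { echo "glibc not managed by rpm"; return 2; }
    host_vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc | sort -V | head -n 1)
    classify "$(uname -m)" "$host_vr"
}

# Run the live check only when asked: sh check.sh --host
if [ "${1:-}" = "--host" ]; then
    check_host
fi
```

Processes started before the upgrade keep the old libc mapped until they are restarted, so a `fixed` result describes the installed package, not every running process.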

Severity: critical

Name: glibc
Product: Fedora 41
Version: 2.40
Release: 26.fc41
Summary: The GNU libc libraries
