SecurityTracker.com

SecurityTracker Archives

Category:  Application (Generic) > Glibc
Vendors:  GNU [multiple authors]
(CentOS Issues Fix) Glibc Stack/Heap Memory Allocation Error Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1038719
SecurityTracker URL:  http://securitytracker.com/id/1038719
CVE Reference:   CVE-2017-1000366   (Links to External Site)
Date:  Jun 20 2017
Impact:   Execution of arbitrary code via local system, Root access via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 2.25 and prior
Description:   A vulnerability was reported in Glibc. A local user can obtain elevated privileges on the target system.

A local user can supply specially crafted LD_LIBRARY_PATH values to trigger a stack memory allocation flaw in certain cases and execute arbitrary code on the target system with elevated privileges.

The stack guard-page memory gap can be "jumped" in cases where heap memory and stack memory are adjacent.

The original advisory is available at:

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Qualys Research Labs reported this vulnerability.

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   CentOS has issued a fix.

CentOS 6 packages ( sha256sum Filename ):

i386:
c8c5562d6277f6546125c0b72fa632813376708c0929ed5966c6ecc1d60af267 glibc-2.12-1.209.el6_9.2.i686.rpm
acf4bb8d9766178547f15a0fd2b9e4dcb03978a8a76e445cdee8298aff5c56e9 glibc-common-2.12-1.209.el6_9.2.i686.rpm
9e238d3b2bd69de6782d93b81dd3e0612297341fc291b3d48528234c9e74a603 glibc-devel-2.12-1.209.el6_9.2.i686.rpm
eb1f7a972fca5638c89846144c43d8ed047826d54d3211a1cdcdf636d368cc73 glibc-headers-2.12-1.209.el6_9.2.i686.rpm
e012693de52e984e6c8a9f1d372a5704ee88516d623f395149f39176a6e31123 glibc-static-2.12-1.209.el6_9.2.i686.rpm
3c461fb2d935fdf98ff2053bdc7ca2d7b89503bb83e58f0562731c467439f4d6 glibc-utils-2.12-1.209.el6_9.2.i686.rpm
d6c2f6513becee9330d00adaed6843985c7f1d680fafc0834c6bed7aeefc791b nscd-2.12-1.209.el6_9.2.i686.rpm

x86_64:
c8c5562d6277f6546125c0b72fa632813376708c0929ed5966c6ecc1d60af267 glibc-2.12-1.209.el6_9.2.i686.rpm
0e0c823ee4eea6dd1093dadb523997fb82d1aa569240cf9656c8e7cbcb4570fc glibc-2.12-1.209.el6_9.2.x86_64.rpm
a7f9dc551a52ca69dba42fea8af8c5ab1bc009ff7320ef921363d1ae515c0672 glibc-common-2.12-1.209.el6_9.2.x86_64.rpm
9e238d3b2bd69de6782d93b81dd3e0612297341fc291b3d48528234c9e74a603 glibc-devel-2.12-1.209.el6_9.2.i686.rpm
4f0a6c0baa9cfb07da2399e130d8770d37c17a83bb3e9f1899be5f79be7c6e2b glibc-devel-2.12-1.209.el6_9.2.x86_64.rpm
021becbbd47a5ddcd82b59a697918f7af7193539cf574039593016e0b2e44cc0 glibc-headers-2.12-1.209.el6_9.2.x86_64.rpm
e012693de52e984e6c8a9f1d372a5704ee88516d623f395149f39176a6e31123 glibc-static-2.12-1.209.el6_9.2.i686.rpm
570ac84e27cfa78a0c3667f29c4bd1977dab00cb862368a226395e011f597bc7 glibc-static-2.12-1.209.el6_9.2.x86_64.rpm
0bbab0ee74648108c13799e8845da6de2bacd8d936f5e803e401c2deb5f53d97 glibc-utils-2.12-1.209.el6_9.2.x86_64.rpm
358fcd0052c34d2e3a60144740670cc86380cd7061ab2ed73e8f9857c919f8df nscd-2.12-1.209.el6_9.2.x86_64.rpm

Source:
117b8365020b0540e92e01c9d34ae7351805551b8c8850068936e7fa54c83fb8 glibc-2.12-1.209.el6_9.2.src.rpm

CentOS 7 packages ( sha256sum Filename ):

x86_64:
2ae484b46a13bd0bb12031e252a4e13ee5c74705fed8fb576698f2c4e11a6163 glibc-2.17-157.el7_3.4.i686.rpm
e2b260088877521e9122cd4225af9607af32068704ce4f3220efb2b3758e462d glibc-2.17-157.el7_3.4.x86_64.rpm
494841b24fb8b5b25310766f7d8866609e1c8beb740540834657529667f1ae9d glibc-common-2.17-157.el7_3.4.x86_64.rpm
7a285d626ef8906c8fa960da93e1106dc231a50831d697f8cf0c90b3f93ed85a glibc-devel-2.17-157.el7_3.4.i686.rpm
c79dfc8aeeaac7ece2088200c35fb52427149c0ed3f5a0ac22d6dd448a7cd555 glibc-devel-2.17-157.el7_3.4.x86_64.rpm
3792c94e171e9f22f85fc864cc69de84f58638c6424b30fcb2199a6561f0012e glibc-headers-2.17-157.el7_3.4.x86_64.rpm
a1094b9495112757b4edeb87277a1f46b48c67f90dc5816cbdce3d7c57da356a glibc-static-2.17-157.el7_3.4.i686.rpm
07d95e1e00c887a417eafe8ecefd5655358a6c2431cda6e396c0385eaf574db2 glibc-static-2.17-157.el7_3.4.x86_64.rpm
4a35235842cd5ab357845a649a1d653a2cef3fd3c6c14d7148be4a1a7b94cb3a glibc-utils-2.17-157.el7_3.4.x86_64.rpm
c640447bb665eaa3fb0e4732f75631bd517024f239fd0965b0c029d6a0df0d0d nscd-2.17-157.el7_3.4.x86_64.rpm

Source:
43e73ff88b6a7974b167b492ab1797c9cce228f4e880b93da3398915dd54e998 glibc-2.17-157.el7_3.4.src.rpm
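Two checks a practitioner would run before and after applying this fix: confirm that downloaded RPMs match the advisory's sha256 list, and decide whether an installed glibc is already at or past the fixed release. The script below is an added example, not code from SecurityTracker or the CentOS project. The checksums it embeds are copied from the advisory above (a CentOS 7 x86_64 subset); the fixed version-release strings are taken from the package names listed for CentOS 6 and 7; the version comparison is a simplified stand-in for rpm's own `rpmvercmp` and is labelled as such in the code.

```python
"""Added example (not part of the SecurityTracker page or the CentOS advisory):
verify downloaded CentOS glibc RPMs against the advisory's sha256 list, and
check whether an installed glibc NVR is at or past the fixed release."""
import hashlib
import os
import re

# Checksums copied from the advisory text (CentOS 7 x86_64 subset, "sha256  filename").
CESA_2017_1481_SHA256 = """\
e2b260088877521e9122cd4225af9607af32068704ce4f3220efb2b3758e462d  glibc-2.17-157.el7_3.4.x86_64.rpm
494841b24fb8b5b25310766f7d8866609e1c8beb740540834657529667f1ae9d  glibc-common-2.17-157.el7_3.4.x86_64.rpm
c640447bb665eaa3fb0e4732f75631bd517024f239fd0965b0c029d6a0df0d0d  nscd-2.17-157.el7_3.4.x86_64.rpm
"""

# Fixed version-release per dist tag, derived from the package names in the advisory.
FIXED_VR = {"el6": "2.12-1.209.el6_9.2", "el7": "2.17-157.el7_3.4"}


def parse_manifest(text):
    """Parse 'sha256  filename' lines (the sha256sum format used in the advisory)."""
    manifest = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        digest, name = line.split(None, 1)
        manifest[name] = digest.lower()
    return manifest


def sha256_of(path):
    """Stream a file through SHA-256 so large RPMs do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_downloads(directory, manifest):
    """Return {filename: 'ok' | 'mismatch' | 'missing'} for every manifest entry."""
    results = {}
    for name, expected in manifest.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif sha256_of(path) == expected:
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


def _segments(s):
    """Split a version string into numeric and alphabetic runs, numbers as ints."""
    return [int(t) if t.isdigit() else t for t in re.findall(r"\d+|[A-Za-z]+", s)]


def vr_at_least(installed_vr, fixed_vr):
    """Simplified rpmvercmp (assumption: covers the plain NVRs seen here, not epochs
    or tilde/caret ordering). Numeric segments compare as integers; a numeric
    segment ranks above an alphabetic one, as in rpm."""
    a, b = _segments(installed_vr), _segments(fixed_vr)
    for x, y in zip(a, b):
        if x == y:
            continue
        if isinstance(x, int) and isinstance(y, int):
            return x > y
        return isinstance(x, int) if isinstance(x, int) != isinstance(y, int) else x > y
    return len(a) >= len(b)


def glibc_is_fixed(installed_nvra):
    """installed_nvra is the output of `rpm -q glibc`, e.g. 'glibc-2.17-157.el7_3.3.x86_64'.
    Returns True/False, or None when the dist tag is not one the advisory covers."""
    nvr = re.sub(r"\.(x86_64|i686|noarch)$", "", installed_nvra.strip())
    m = re.match(r"^glibc-([0-9.]+)-(.+)$", nvr)
    if not m:
        return None
    version, release = m.groups()
    dist = re.search(r"\.(el\d)", release)
    fixed = FIXED_VR.get(dist.group(1)) if dist else None
    if fixed is None:
        return None
    return vr_at_least(f"{version}-{release}", fixed)


def self_check():
    """Run the download verifier on constructed sample files (not real RPMs)."""
    import tempfile
    with tempfile.TemporaryDirectory() as d:
        for name in ("good.rpm", "bad.rpm"):
            with open(os.path.join(d, name), "wb") as f:
                f.write(b"constructed sample payload for " + name.encode())
        manifest = {
            "good.rpm": sha256_of(os.path.join(d, "good.rpm")),
            "bad.rpm": "0" * 64,      # constructed wrong digest
            "absent.rpm": "1" * 64,   # file deliberately not created
        }
        return verify_downloads(d, manifest)


if __name__ == "__main__":
    print(self_check())
    for nvra in ("glibc-2.17-157.el7_3.3.x86_64", "glibc-2.17-157.el7_3.4.x86_64",
                 "glibc-2.12-1.209.el6_9.1.i686", "glibc-2.12-1.212.el6.x86_64"):
        print(nvra, "fixed:", glibc_is_fixed(nvra))
```

In practice, feed `verify_downloads` the directory where the RPMs were downloaded and the manifest parsed from the full advisory list for your release and architecture, and refuse to install anything reported as `mismatch` or `missing`. The version check is a convenience for fleet inventories; on a single host, `rpm -q glibc` compared against the package names above answers the same question.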

Cause:   Access control error
Underlying OS:  Linux (CentOS)
Underlying OS Comments:  6, 7

Message History:   This archive entry is a follow-up to the message listed below.
Jun 20 2017 Glibc Stack/Heap Memory Allocation Error Lets Local Users Gain Elevated Privileges



Source Message Contents

Subject:  [CentOS-announce] CESA-2017:1481 Important CentOS 7 glibc Security Update


CentOS Errata and Security Advisory 2017:1481 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1481.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
2ae484b46a13bd0bb12031e252a4e13ee5c74705fed8fb576698f2c4e11a6163  glibc-2.17-157.el7_3.4.i686.rpm
e2b260088877521e9122cd4225af9607af32068704ce4f3220efb2b3758e462d  glibc-2.17-157.el7_3.4.x86_64.rpm
494841b24fb8b5b25310766f7d8866609e1c8beb740540834657529667f1ae9d  glibc-common-2.17-157.el7_3.4.x86_64.rpm
7a285d626ef8906c8fa960da93e1106dc231a50831d697f8cf0c90b3f93ed85a  glibc-devel-2.17-157.el7_3.4.i686.rpm
c79dfc8aeeaac7ece2088200c35fb52427149c0ed3f5a0ac22d6dd448a7cd555  glibc-devel-2.17-157.el7_3.4.x86_64.rpm
3792c94e171e9f22f85fc864cc69de84f58638c6424b30fcb2199a6561f0012e  glibc-headers-2.17-157.el7_3.4.x86_64.rpm
a1094b9495112757b4edeb87277a1f46b48c67f90dc5816cbdce3d7c57da356a  glibc-static-2.17-157.el7_3.4.i686.rpm
07d95e1e00c887a417eafe8ecefd5655358a6c2431cda6e396c0385eaf574db2  glibc-static-2.17-157.el7_3.4.x86_64.rpm
4a35235842cd5ab357845a649a1d653a2cef3fd3c6c14d7148be4a1a7b94cb3a  glibc-utils-2.17-157.el7_3.4.x86_64.rpm
c640447bb665eaa3fb0e4732f75631bd517024f239fd0965b0c029d6a0df0d0d  nscd-2.17-157.el7_3.4.x86_64.rpm

Source:
43e73ff88b6a7974b167b492ab1797c9cce228f4e880b93da3398915dd54e998  glibc-2.17-157.el7_3.4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Copyright 2021, SecurityGlobal.net LLC