Executive Summary
Summary | |
---|---|
Title | glibc security and bug fix update |
Informations | |||
---|---|---|---|
Name | RHSA-2012:0058 | First vendor Publication | 2012-01-24 |
Vendor | RedHat | Last vendor Modification | 2012-01-24 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029) A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609) This update also fixes the following bugs: * glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed. (BZ#754116) * The RHBA-2011:1179 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as "id" failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed. (BZ#766484) * glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables. (BZ#769594) Users should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 761245 - CVE-2009-5029 glibc: __tzfile_read integer overflow to buffer overflow 767299 - CVE-2011-4609 glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2012-0058.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20487 | |||
Oval ID: | oval:org.mitre.oval:def:20487 | ||
Title: | VMware vSphere and vCOps updates to third party libraries | ||
Description: | Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-5029 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20676 | |||
Oval ID: | oval:org.mitre.oval:def:20676 | ||
Title: | VMware vSphere and vCOps updates to third party libraries | ||
Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2011-4609 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21296 | |||
Oval ID: | oval:org.mitre.oval:def:21296 | ||
Title: | RHSA-2012:0058: glibc security and bug fix update (Moderate) | ||
Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0058-01 CESA-2012:0058 CVE-2009-5029 CVE-2011-4609 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21365 | |||
Oval ID: | oval:org.mitre.oval:def:21365 | ||
Title: | RHSA-2012:0126: glibc security update (Moderate) | ||
Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0126-01 CESA-2012:0126 CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-4609 | Version: | 68 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22910 | |||
Oval ID: | oval:org.mitre.oval:def:22910 | ||
Title: | ELSA-2012:0126: glibc security update (Moderate) | ||
Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0126-01 CVE-2009-5029 CVE-2009-5064 CVE-2010-0830 CVE-2011-1089 CVE-2011-4609 | Version: | 25 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23809 | |||
Oval ID: | oval:org.mitre.oval:def:23809 | ||
Title: | ELSA-2012:0058: glibc security and bug fix update (Moderate) | ||
Description: | The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0058-01 CVE-2009-5029 CVE-2011-4609 | Version: | 13 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25222 | |||
Oval ID: | oval:org.mitre.oval:def:25222 | ||
Title: | SUSE-SU-2013:1287-1 -- Security update for glibc | ||
Description: | This collective update for the GNU C library (glibc) provides the following fixes and enhancements: Security issues fixed: - Fix stack overflow in getaddrinfo with many results. (bnc#813121, CVE-2013-1914) - Fixed another stack overflow in getaddrinfo with many results (bnc#828637) - Fix buffer overflow in glob. (bnc#691365) (CVE-2010-4756) - Fix array overflow in floating point parser [bnc#775690] (CVE-2012-3480) - Fix strtod integer/buffer overflows [bnc#775690] (CVE-2012-3480) - Make addmntent return errors also for cached streams. [bnc #676178, CVE-2011-1089] - Fix overflows in vfprintf. [bnc #770891, CVE 2012-3406] - Add vfprintf-nargs.diff for possible format string overflow. [bnc #747768, CVE-2012-0864] - Check values from file header in __tzfile_read. [bnc #735850, CVE-2009-5029] Also several bugs were fixed: - Fix locking in _IO_cleanup. (bnc#796982) - Fix memory leak in execve. (bnc#805899) - Fix nscd timestamps in logging (bnc#783196) - Fix perl script error message (bnc#774467) - Fall back to localhost if no nameserver defined (bnc#818630) - Fix incomplete results from nscd. [bnc #753756] - Fix a deadlock in dlsym in case the symbol isn't found, for multithreaded programs. [bnc #760216] - Fix problem with TLS and dlopen. [#732110] - Backported regex fix for skipping of valid EUC-JP matches [bnc#743689] - Fixed false regex match on incomplete chars in EUC-JP [bnc#743689] - Add glibc-pmap-timeout.diff in order to fix useless connection attempts to NFS servers. [bnc #661460] | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:1287-1 CVE-2013-1914 CVE-2010-4756 CVE-2012-3480 CVE-2011-1089 CVE-2012-0864 CVE-2009-5029 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27898 | |||
Oval ID: | oval:org.mitre.oval:def:27898 | ||
Title: | DEPRECATED: ELSA-2012-0058 -- glibc security and bug fix update (moderate) | ||
Description: | [2.12-1.47.el6_2.5] - Avoid high cpu usage when accept fails with EMFILE (#767692) [2.12-1.47.el6_2.4] - Make implementation of ARENAS_TEST and ARENAS_MAX match documentation (#769594) - Check malloc arena atomically (#769594) [2.12-1.47.el6_2.3] - Check values from TZ file header (#767692) [2.12-1.47.el6_2.2] - Correctly reparse group line after enlarging the buffer (#766484) [2.12-1.47.el6_2.1] - Fix grouping and reuse other locales in various locales (#754116) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0058 CVE-2009-5029 CVE-2011-4609 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27927 | |||
Oval ID: | oval:org.mitre.oval:def:27927 | ||
Title: | DEPRECATED: ELSA-2012-0126 -- glibc security update (moderate) | ||
Description: | [2.5-65.el5_7.3] - Use correct type when casting d_tag (#767687) - Report write error in addmnt even for cached streams (#767687) - ldd: Never run file directly (#767687). - Workaround misconfigured system (#767687) [2.5-65.el5_7.2] - Check values from TZ file header (#767687) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0126 CVE-2010-0830 CVE-2009-5029 CVE-2009-5064 CVE-2011-1089 CVE-2011-4609 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2012-041-03 glibc File : nvt/esoft_slk_ssa_2012_041_03.nasl |
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-08-02 | Name : SuSE Update for glibc openSUSE-SU-2012:0064-1 (glibc) File : nvt/gb_suse_2012_0064_1.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0058 centos6 File : nvt/gb_CESA-2012_0058_glibc_centos6.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0125 centos4 File : nvt/gb_CESA-2012_0125_glibc_centos4.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0126 centos5 File : nvt/gb_CESA-2012_0126_glibc_centos5.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0393 centos6 File : nvt/gb_CESA-2012_0393_glibc_centos6.nasl |
2012-07-09 | Name : RedHat Update for glibc RHSA-2012:0058-01 File : nvt/gb_RHSA-2012_0058-01_glibc.nasl |
2012-07-09 | Name : RedHat Update for glibc RHSA-2012:0393-01 File : nvt/gb_RHSA-2012_0393-01_glibc.nasl |
2012-03-12 | Name : Ubuntu Update for eglibc USN-1396-1 File : nvt/gb_ubuntu_USN_1396_1.nasl |
2012-02-21 | Name : RedHat Update for glibc RHSA-2012:0125-01 File : nvt/gb_RHSA-2012_0125-01_glibc.nasl |
2012-02-21 | Name : RedHat Update for glibc RHSA-2012:0126-01 File : nvt/gb_RHSA-2012_0126-01_glibc.nasl |
2012-01-20 | Name : Fedora Update for glibc FEDORA-2012-0018 File : nvt/gb_fedora_2012_0018_glibc_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78316 | GNU C Library (glibc) Multiple Function EMFILE Error Handling Remote DoS |
77508 | GNU C Library time/tzfile.c __tzfile_read() Function Timezone File Handling R... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1287-1.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_glibc-111219.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_glibc-111219.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-32.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-39.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
2012-12-24 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2012-0018.nasl - Type : ACT_GATHER_INFO |
2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_glibc_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120213_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2012-03-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2012-03-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1396-1.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0126.nasl - Type : ACT_GATHER_INFO |
2012-02-13 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-041-03.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0058.nasl - Type : ACT_GATHER_INFO |
2012-01-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-0018.nasl - Type : ACT_GATHER_INFO |
2012-01-05 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-111219.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:55:31 |
|
2013-05-03 17:20:24 |
|
2013-05-02 21:20:21 |
|
2013-02-06 19:08:11 |
|