9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.7%
Issue Overview:
A buffer overflow has been discovered in the GNU C Library (aka glibc or libc6) in the __mempcpy_avx512_no_vzeroupper function when particular conditions are met. An attacker could use this vulnerability to cause a denial of service or potentially execute code.(CVE-2018-11237)
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the “./” directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.(CVE-2017-16997)
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.(CVE-2018-11236)
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.(CVE-2018-6485)
Affected Packages:
glibc
Issue Correction:
Run yum update glibc to update your system.
New Packages:
i686:
glibc-2.17-260.175.amzn1.i686
glibc-common-2.17-260.175.amzn1.i686
glibc-headers-2.17-260.175.amzn1.i686
glibc-debuginfo-2.17-260.175.amzn1.i686
glibc-debuginfo-common-2.17-260.175.amzn1.i686
glibc-utils-2.17-260.175.amzn1.i686
glibc-static-2.17-260.175.amzn1.i686
nscd-2.17-260.175.amzn1.i686
glibc-devel-2.17-260.175.amzn1.i686
src:
glibc-2.17-260.175.amzn1.src
x86_64:
glibc-common-2.17-260.175.amzn1.x86_64
glibc-debuginfo-common-2.17-260.175.amzn1.x86_64
glibc-utils-2.17-260.175.amzn1.x86_64
glibc-2.17-260.175.amzn1.x86_64
glibc-devel-2.17-260.175.amzn1.x86_64
nscd-2.17-260.175.amzn1.x86_64
glibc-static-2.17-260.175.amzn1.x86_64
glibc-debuginfo-2.17-260.175.amzn1.x86_64
glibc-headers-2.17-260.175.amzn1.x86_64
Red Hat: CVE-2017-16997, CVE-2018-11236, CVE-2018-11237, CVE-2018-6485
Mitre: CVE-2017-16997, CVE-2018-11236, CVE-2018-11237, CVE-2018-6485
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | glibc | < 2.17-260.175.amzn1 | glibc-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-common | < 2.17-260.175.amzn1 | glibc-common-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-headers | < 2.17-260.175.amzn1 | glibc-headers-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-debuginfo | < 2.17-260.175.amzn1 | glibc-debuginfo-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-debuginfo-common | < 2.17-260.175.amzn1 | glibc-debuginfo-common-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-utils | < 2.17-260.175.amzn1 | glibc-utils-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-static | < 2.17-260.175.amzn1 | glibc-static-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | nscd | < 2.17-260.175.amzn1 | nscd-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | glibc-devel | < 2.17-260.175.amzn1 | glibc-devel-2.17-260.175.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | glibc-common | < 2.17-260.175.amzn1 | glibc-common-2.17-260.175.amzn1.x86_64.rpm |
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.02 Low
EPSS
Percentile
88.7%