Bug 29259

Summary: glibc new security issue CVE-2021-35942
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: andrewsfarm, davidwhodgins, ouaurelien, sysadmin-bugs, tmb
Version: 8Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK MGA8-32-OK
Source RPM: glibc-2.32-16.mga8.src.rpm CVE:
Status comment:

Description David Walser 2021-07-14 16:43:16 CEST 
Fedora has issued an advisory today (July 14):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZT2QUZQYD5FTXCEAQNWHUQN72QRNZNYI/

The issue is fixed upstream in 2.34.

Thomas has actually already patched this in SVN and pushed an updated build to updates_testing, it just hasn't been assigned to QA yet:
r1735142 | tmb | 2021-07-07 18:08:16 -0400 (Wed, 07 Jul 2021) | 1 line
wordexp: handle overflow in positional parameter number [BZ #28011]

It's already been running fine on one of my systems (x86_64) since the 8th, and I imagine other QA members have installed it too.

glibc-2.32-17.mga8
glibc-devel-2.32-17.mga8
glibc-doc-2.32-17.mga8
glibc-i18ndata-2.32-17.mga8
glibc-profile-2.32-17.mga8
glibc-static-devel-2.32-17.mga8
glibc-utils-2.32-17.mga8
nscd-2.32-17.mga8

from glibc-2.32-17.mga8.src.rpm
David Walser 2021-07-14 16:43:25 CEST

CC: (none) => tmb

Comment 1 Aurelien Oudelet 2021-07-14 17:15:05 CEST 
I agree with David.
glibc-2.32-17.mga8 runs fine here since day 1.

mga8 x64, kernel-5.10.48-desktop-1.mga8

CC: (none) => ouaurelien

Comment 2 Thomas Backlund 2021-07-14 18:53:39 CEST 
Yeah, I planned to add another fix before assigning to QA but I haven't had time for that yet as it needs more work, so ok on testing / validating this one as-is
Comment 3 Dave Hodgins 2021-07-14 21:39:58 CEST 
No regressions noticed on my three m8 x86_64 installs and one m8 aarch64 (rpi4)
install.

CC: (none) => davidwhodgins

Comment 4 Thomas Andrews 2021-07-17 00:40:59 CEST 
I didn't run it for an extended time, but I didn't notice any regressions in an m8 i586 Xfce install on my HP Probook 6550b.

CC: (none) => andrewsfarm

Comment 5 Aurelien Oudelet 2021-07-19 22:28:27 CEST 
Advisory:
========================

Updated glibc packages fix a security vulnerability:

An integer overflow flaw was found in glibc that may result in reading of arbitrary memory when wordexp is used with a specially crafted untrusted regular expression input (CVE-2021-35942).

References:
 - https://bugs.mageia.org/show_bug.cgi?id=29259
 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZT2QUZQYD5FTXCEAQNWHUQN72QRNZNYI/
========================

Updated packages in core/updates_testing:
========================
glibc-2.32-17.mga8
glibc-devel-2.32-17.mga8
glibc-doc-2.32-17.mga8
glibc-i18ndata-2.32-17.mga8
glibc-profile-2.32-17.mga8
glibc-static-devel-2.32-17.mga8
glibc-utils-2.32-17.mga8
nscd-2.32-17.mga8

From SRPM:
glibc-2.32-17.mga8.src.rpm
Comment 6 Thomas Andrews 2021-07-20 01:51:25 CEST 
No installation issues on real 32-bit hardware, Dell Inspiron 5100, Xfce system.

After the reboot, no regressions noted.

I see no reason to not let this go. OKing on both arches, and validating. Advisory in Comment 5.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA8-64-OK MGA8-32-OK

Comment 7 Mageia Robot 2021-07-20 12:48:20 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0362.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED