Bug 29928

Summary: Update request: glibc-2.32-23.mga8
Product: Mageia Reporter: Thomas Backlund <tmb>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, sysadmin-bugs, tarazed25
Version: 8Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK MGA8-32-OK
Source RPM: glibc CVE:
Status comment:

Description Thomas Backlund 2022-01-22 20:21:25 CET 
Security fixes:

The deprecated compatibility function svcunix_create in the sunrpc module
of the GNU C Library (aka glibc) through 2.34 copies its path argument on
the stack without validating its length, which may result in a buffer
overflow, potentially resulting in a denial of service or (if an application
is not built with a stack protector enabled) arbitrary code execution
(CVE-2022-23218).

The deprecated compatibility function clnt_create in the sunrpc module of
the GNU C Library (aka glibc) through 2.34 copies its hostname argument on
the stack without validating its length, which may result in a buffer
overflow, potentially resulting in a denial of service or (if an
application is not built with a stack protector enabled) arbitrary code
execution (CVE-2022-23219).


SRPM:
glibc-2.32-23.mga8.src.rpm


i586:
glibc-2.32-23.mga8.i586.rpm
glibc-devel-2.32-23.mga8.i586.rpm
glibc-doc-2.32-23.mga8.noarch.rpm
glibc-i18ndata-2.32-23.mga8.i586.rpm
glibc-profile-2.32-23.mga8.i586.rpm
glibc-static-devel-2.32-23.mga8.i586.rpm
glibc-utils-2.32-23.mga8.i586.rpm
nscd-2.32-23.mga8.i586.rpm


x86_&4:
glibc-2.32-23.mga8.x86_64.rpm
glibc-devel-2.32-23.mga8.x86_64.rpm
glibc-doc-2.32-23.mga8.noarch.rpm
glibc-i18ndata-2.32-23.mga8.x86_64.rpm
glibc-profile-2.32-23.mga8.x86_64.rpm
glibc-static-devel-2.32-23.mga8.x86_64.rpm
glibc-utils-2.32-23.mga8.x86_64.rpm
nscd-2.32-23.mga8.x86_64.rpm
Comment 1 Len Lawrence 2022-01-22 21:53:17 CET 
x86_64, Mate
Updated the eight packages via qarepo/MageiaUpdate and rebooted smoothly.
$ rpm -qa | grep glibc
glibc-static-devel-2.32-23.mga8
glibc-profile-2.32-23.mga8
glibc-2.32-23.mga8
glibc-utils-2.32-23.mga8
glibc-i18ndata-2.32-23.mga8
glibc-doc-2.32-23.mga8
glibc-devel-2.32-23.mga8
$ rpm -q nscd
nscd-2.32-23.mga8

Everything looks fine.  Nothing suspicious in dmesg.  Giving this an OK.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => tarazed25

Thomas Andrews 2022-01-22 22:05:36 CET

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Thomas Andrews 2022-01-22 22:06:34 CET

Keywords: validated_update => (none)

Comment 2 Thomas Andrews 2022-01-22 22:25:20 CET 
(First validation was a slip of the mouse...)

Since this is so fundamental, also tested on real 32-bit hardware: Foolishness, my Dell Inspiron 5100, 32-bit P4, Xfce system.

Updated via qarepo, and rebooted. Everything looks good here, too. Giving it a 32-bit OK and validating.

Keywords: (none) => validated_update
Whiteboard: MGA8-64-OK => MGA8-64-OK MGA8-32-OK

Comment 3 Mageia Robot 2022-01-23 21:50:56 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0028.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED