Advisory: Under certain conditions wscanf can allocate too little memory for the to-be-scanned arguments and overflow the allocated buffer (CVE-2015-1472). The incorrect use of "__libc_use_alloca (newsize)" caused a different (and weaker) policy to be enforced which could allow a denial of service attack (CVE-2015-1473). Reference: http://www.openwall.com/lists/oss-security/2015/02/04/1 SRPM: glibc-2.18-9.9.mga4.src.rpm i586: glibc-2.18-9.9.mga4.i586.rpm glibc-devel-2.18-9.9.mga4.i586.rpm glibc-doc-2.18-9.9.mga4.noarch.rpm glibc-i18ndata-2.18-9.9.mga4.i586.rpm glibc-profile-2.18-9.9.mga4.i586.rpm glibc-static-devel-2.18-9.9.mga4.i586.rpm glibc-utils-2.18-9.9.mga4.i586.rpm nscd-2.18-9.9.mga4.i586.rpm x86_64: glibc-2.18-9.9.mga4.x86_64.rpm glibc-devel-2.18-9.9.mga4.x86_64.rpm glibc-doc-2.18-9.9.mga4.noarch.rpm glibc-i18ndata-2.18-9.9.mga4.x86_64.rpm glibc-profile-2.18-9.9.mga4.x86_64.rpm glibc-static-devel-2.18-9.9.mga4.x86_64.rpm glibc-utils-2.18-9.9.mga4.x86_64.rpm nscd-2.18-9.9.mga4.x86_64.rpm Reproducible: Steps to Reproduce:
Had this running on my 6 machines that I tested the kernel on since the weekend or yesterday. No general regressions. PoC for the security issue here: https://sourceware.org/bugzilla/show_bug.cgi?id=16618 Compile the program in the bug report there as follows: gcc scan.c -std=c99 Then run the program: ./a.out Before the glibc update it gives an error output due to the free() call. After it gives no output. Testing complete Mageia 4 i586.
Whiteboard: (none) => has_procedure MGA4-32-OK
Performed two installations one x86_64 and one i586 with kernel, 3 x nvidia, fglrx, broadcom-wl, vbox, xtables-addons and also glibc, dbus, x11 and cups at the same time. Also tested PoC 64bit. All Ok.
Whiteboard: has_procedure MGA4-32-OK => has_procedure MGA4-32-OK mga4-64-ok
Advisory uploaded.
Whiteboard: has_procedure MGA4-32-OK mga4-64-ok => has_procedure advisory MGA4-32-OK mga4-64-ok
Running fine on 3 live x86_64 systems here
Testing on Mageia4x32 real hardware (intel core i3, 8 Series/C220 Series Chipset, nvidia GTX750) glibc-2.18-9.9.mga4 with latest kernel-desktop, dbus and x11-server OK
CC: (none) => olchal
Validating. Please push to 4 updates Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0072.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/633832/