ALAS2-2018-1048

Affecting glibc-langpack-en package, versions <2.26-28.amzn2.0.1

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

NVD Description

Note: Versions mentioned in the description apply to the upstream glibc-langpack-en package. See Remediation section below for Amzn:2 relevant versions.

Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2018-11236: stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. 1581269: CVE-2018-11236 glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow CVE-2017-18269: 1580924: CVE-2017-18269 glibc: memory corruption in memcpy-sse2-unaligned.S An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. CVE-2017-15804: The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. 1505298: CVE-2017-15804 glibc: Buffer overflow during unescaping of user names with the ~ operator CVE-2017-15670: 1504804: CVE-2017-15670 glibc: Buffer overflow in glob with GLOB_TILDE The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

Remediation

Upgrade Amzn:2 glibc-langpack-en to version 2.26-28.amzn2.0.1 or higher.

References

CVE
ALAS2-2018-1048
Snyk ID
SNYK-AMZN2-GLIBCLANGPACKEN-499482
Published
13 Nov, 2019