FEDORA-2018-7714b514e2

security update in Fedora 27 for glibc

Status: stable 2 years ago

This update addresses two security vulnerabilities:

  • CVE-2017-16997: Check for empty tokens before dynamic string token expansion in the dynamic linker, so that pre-existing privileged programs with $ORIGIN rpaths/runpaths do not cause the dynamic linker to search the current directory, potentially leading to privilege escalation. (#1526866).
  • CVE-2018-1000001: getcwd would sometimes return a non-absolute path, confusing the realpath function, leading to privilege escalation in conjunction with user namespaces. (#1533837)

In addition, this update changes the thread stack size accounting to provide additional stack space compared to previous glibc versions. For some applications (nptd in particular), the PTHREAD_STACK_MIN stack size was too small on x86-64 machines with AVX-512 support (#1527887).

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

Comments 11

This update has been submitted for testing by fweimer.

  • System operates without any conspicuous issues.

  • Successfully passed all custom kernel compilations.

karma: +1

This update has been pushed to testing.

works

karma: +1

This update has been submitted for batched by bodhi.

Works

karma: +1

works for me; ntpd is now happy on Silver 4114 Xeon CPU where it was previously dumping core

Works fine for me on x86_64.

karma: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+5
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 3

00 #1526866 CVE-2017-16997 glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries [fedora-all]
00 #1527887 glibc: PTHREAD_STACK_MIN is too small on x86-64
00 #1533837 CVE-2018-1000001 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation [fedora-all]

Automated Test Results