[security-announce] eglibc: Security update

Sona Sarmadi sona.sarmadi at enea.com
Fri Feb 20 17:10:23 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		Enea Linux Security Advisory

=========================================================
Product/package: eglibc
Severity: Moderate
Issue date: 2015-02-19
CVE Names:  CVE-2012-3406 printf() unbound alloca() usage
in case of positional parameters + many format specs
Layer: meta
=========================================================
This security patch fixes a vulnerability in eglibc.

README file: 0043-eglibc-CVE-2012-3406.README
Patch file: 0043-eglibc-CVE-2012-3406.patch

Description
===========
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka
glibci/eglibc) 2.5, 2.12, and probably other versions does not
"properly  restrict the use of" the alloca function when allocating
the SPECS array,  which allows context-dependent attackers to bypass
the FORTIFY_SOURCE format-string protection mechanism and cause a
denial of service (crash) or possibly execute arbitrary code via a
crafted format string using  positional parameters and a large number
of format specifiers.

References
==========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406
https://sourceware.org/bugzilla/show_bug.cgi?id=16617

How to apply the patches
=======================
- - Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing patches in the right order

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- - Fetch and apply the new patch
wget http://linux.enea.com/4.0/patches/0043-eglibc-CVE-2012-3406.patch
patch -p1 < ./0043-eglibc-CVE-2012-3406.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU51xvAAoJEHc+9u9ocWoUy54P/2C35teJfU2JxJBp9LihZ02U
rdxuNeOpVYiV1AV/od7UXf7a65bYTDZVdEmidyArlwpBc2YFVhlHxEoPY5jEAbmJ
yg/xwv3Fy2qa+b0w/OPMbzsLszOXIRgPZzfvoxvOxQkA6apH8/3zqbqOa/g2Jpq8
EY3ig0300Ay1JWxEbynpPK+vq2OK0OGEGRrXPv1aRh0iRgRWVuYQYdmP0Y1xP0D/
AG9L+8EDQgvwWvtMSojqKO4OP4CDj2nUQY9mKAc7rKv3M1VhNGmgE0IaVR9gDjWn
ajmw5BU7hvE6UOj1eXZ7fGsFr63D0BRZmNqAY8pqXBXuCwmx+Fv9+74IFM3Jr1b0
gZSnM9jq2GTxtVtZEU/fmH6DBVEZd9tScfZcX8R0r++NyqY0+kYD2mz0c7BC9RGo
NTg3B6TAF+k4fIvIYOg80xcDxs3MPvTG9iPKa3IqqnvzzXbtmSlhrhGM+i8xjCSB
NCfqb4Q0AiPaZHoUpNFCWkpYxI97DgegIFNhN1XSPRFnDiD+5W4CkYOh9Oy8AZdz
wMqV3EcCVcRYF7D06i5FBHplAdeoJYQ27Kio0lKx7Uf3hhF1OUIjKQpXbJAISPpu
9cURpuc2mY262ypV6Hm7p/Sq40Kcr8qcIJwQVN/csWiblSF768sRrA6cXlTEvW+m
4oWTKsX6XPXCUQAs0qJK
=MEJ2
-----END PGP SIGNATURE-----



More information about the security-announce mailing list