Oval Definition:oval:org.opensuse.security:def:79361
Revision Date:2018-01-12Version:1
Title:Security update for glibc (Important)
Description:

This update for glibc fixes the following issues:

- A privilege escalation bug in the realpath() function has been fixed. [CVE-2018-1000001, bsc#1074293]

- A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. [CVE-2017-1000408, CVE-2017-1000409, bsc#1071319]

- An issue in the code handling RPATHs was fixed that could have been exploited by an attacker to execute code loaded from arbitrary libraries. [CVE-2017-16997, bsc#1073231]

- A potential crash caused by a use-after-free bug in pthread_create() has been fixed. [bsc#1053188]

- A bug that prevented users to build shared objects which use the optimized libmvec.so API has been fixed. [bsc#1070905]

- A memory leak in the glob() function has been fixed. [CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569, bsc#1064580, bsc#1064583]

- A bug that would lose the syscall error code value in case of crashes has been fixed. [bsc#1063675]
Family:unixClass:patch
Status:Reference(s):1051042
1053188
1063675
1064569
1064580
1064583
1070905
1071319
1073231
1074293
CVE-2017-1000408
CVE-2017-1000409
CVE-2017-15670
CVE-2017-15671
CVE-2017-15804
CVE-2017-16997
CVE-2018-1000001
SUSE-SU-2018:0074-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • glibc-2.22-62.3.4 is installed
  • OR glibc-32bit-2.22-62.3.4 is installed
  • OR glibc-devel-2.22-62.3.4 is installed
  • OR glibc-devel-32bit-2.22-62.3.4 is installed
  • OR glibc-i18ndata-2.22-62.3.4 is installed
  • OR glibc-locale-2.22-62.3.4 is installed
  • OR glibc-locale-32bit-2.22-62.3.4 is installed
  • OR nscd-2.22-62.3.4 is installed
    • BACK