Bug 1705899
Summary: | glibc: Backport libio vtable validation improvements [rhel-7.6.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | RAD team bot copy to z-stream <autobot-eus-copy> |
Component: | glibc | Assignee: | Florian Weimer <fweimer> |
Status: | CLOSED ERRATA | QA Contact: | Sergey Kolosov <skolosov> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 7.7 | CC: | alanm, andrew.jones, ashankar, codonell, cww, dj, dkochuka, fweimer, mcermak, mnewsome, pfrankli, pratshar, rvdwees, skolosov, sreber |
Target Milestone: | rc | Keywords: | Patch, ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | glibc-2.17-260.el7_6.6 | Doc Type: | Bug Fix |
Doc Text: |
Cause: libio vtable validation is a security hardening technique that aims to make it harder for attackers to injection libio vtables and functions pointers after exploiting a memory corruption vulnerability. However, some old i386 applications do supply their own vtables, so the validation needs to be disabled, and the original implementation did not do this for interposed stdio handles.
Consequence: Some old applications would fail with an error message, `Fatal error: glibc detected an invalid stdio handle`.
Fix: glibc now detects interposition of stdio handle data structures and disables vtable validation in that case.
Result: Old applications which were impacted by this defect work again.
|
Story Points: | --- |
Clone Of: | 1595191 | Environment: | |
Last Closed: | 2019-06-04 17:15:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1595191 | ||
Bug Blocks: |
Description
RAD team bot copy to z-stream
2019-05-03 07:48:05 UTC
Verified by upstream testsuite tests: libio/tst-vtables-interposed, libio/tst-vtables. Also verified with reproducer on x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1595191#c1 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1338 |