Bug 995839 (CVE-2013-4237)
| Summary: | CVE-2013-4237 glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | ashankar, btotty, codonell, fweimer, jakub, jkurik, jlieskov, jrusnack, law, mfranc, mmcallis, pfrankli, sardella, schwab, spoyarek |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-10-14 09:42:39 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 995841, 996227, 1111460 | ||
| Bug Blocks: | 856696, 1101912 | ||
|
Description
Jan Lieskovsky
2013-08-11 12:46:37 UTC
This issue affects the (latest) versions of the glibc package, as shipped with Fedora release of 18 and 19. Please schedule an update. Created glibc tracking bugs for this issue: Affects: fedora-all [bug 995841] This was assigned CVE-2013-4237: http://www.openwall.com/lists/oss-security/2013/08/12/8 patch pushed upstream: http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=91ce40854d0b7f865cf5024ef95a8026b76096f3 glibc-2.17-13.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. Mitigation: Do not open untrusted filesystem image files on production systems. Statement: This issue affects the versions of glibc as shipped with Red Hat Enterprise Linux 5. This issue is not planned to be fixed in Red Hat Enterprise Linux 5 as it is now in Production 3 Phase of the support and maintenance life cycle, https://access.redhat.com/support/policy/updates/errata/ IssueDescription: An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. An attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2014:1391 https://rhn.redhat.com/errata/RHSA-2014-1391.html |