Bug 1731964 (CVE-2019-1010022) - CVE-2019-1010022 glibc: stack guard protection bypass
Summary: CVE-2019-1010022 glibc: stack guard protection bypass
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2019-1010022
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1546607 1731965
Blocks: 1731971
TreeView+ depends on / blocked
 
Reported: 2019-07-22 12:43 UTC by msiddiqu
Modified: 2021-06-11 04:57 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-23 04:03:59 UTC
Embargoed:

Attachments (Terms of Use)

Description msiddiqu 2019-07-22 12:43:35 UTC 
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. 
 
References:  

https://sourceware.org/bugzilla/show_bug.cgi?id=22850
Comment 1 msiddiqu 2019-07-22 12:43:50 UTC 
Created glibc tracking bugs for this issue:

Affects: fedora-all [bug 1731965]
Comment 2 Huzaifa S. Sidhpurwala 2019-07-24 05:43:34 UTC 
As per upstream (https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c1), this is a known flaw in the way stack canaries are implemented in by glibc. Proposed solutions include moving the TCB structure away from the stack and/or generating a new canary for each new thread, both of these changes are intrusive since they have an impact on the core structures and algorithms.

Red Hat packages may be updated, once patches land upstream.

This flaw has been marked as having Moderate impact because stack canaries are essentially a post-attack mitigation. Therefore this is not really a security flaw in glibc.
Note You need to log in before you can comment on or make changes to this bug.