SCIENTIFIC-LINUX-USERS Archives

January 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: CVE-2015-0235 / RHSA-2015:0092
From:
Steven Haigh <[log in to unmask]>
Reply To:
Steven Haigh <[log in to unmask]>
Date:
Wed, 28 Jan 2015 17:30:30 +1100
Content-Type:
multipart/signed
Parts/Attachments:
text/plain (4 kB) , signature.asc (4 kB) 
Hi all,

Looks like there is something wrong with the new glibc packages pushed
to address this.

With the following packages installed:
glibc-2.12-1.149.el6_6.5
glibc-common-2.12-1.149.el6_6.5

Many segfaults like:
sed[749]: segfault at 0 ip 00000030004c4800 sp 00007fff71c57038 error 6
in libc-2.12.so[3000400000+18a000]
sed[763]: segfault at 0 ip 00000030004c4800 sp 00007fff78303768 error 6
in libc-2.12.so[3000400000+18a000]
sed[785]: segfault at 0 ip 00000030004c4800 sp 00007fff1b4d04c8 error 6
in libc-2.12.so[3000400000+18a000]
sed[792]: segfault at 0 ip 00000030004c4800 sp 00007fffae46a6d8 error 6
in libc-2.12.so[3000400000+18a000]
grep[925]: segfault at 2a0 ip 00000030004c2003 sp 00007fffbb544dd0 error
6 in libc-2.12.so[3000400000+18a000]
grep[937]: segfault at 2a0 ip 00000030004c2003 sp 00007fff830c0130 error
6 in libc-2.12.so[3000400000+18a000]
sed[1028]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
sed[1050]: segfault at 0 ip 00000030004c4800 sp 00007fffbf52de08 error 6
in libc-2.12.so[3000400000+18a000]
sed[1055]: segfault at 0 ip 00000030004c4800 sp 00007fff15bde3f8 error 6
in libc-2.12.so[3000400000+18a000]
sed[1074]: segfault at 0 ip 00000030004c4800 sp 00007fff7bc97858 error 6
in libc-2.12.so[3000400000+18a000]
sed[1079]: segfault at 0 ip 00000030004c4800 sp 00007fff01b59ab8 error 6
in libc-2.12.so[3000400000+18a000]
grep[1180]: segfault at 2e0 ip 00000030004c2003 sp 00007fff58432e70
error 6 in libc-2.12.so[3000400000+18a000]
egrep[1427]: segfault at 320 ip 00000030004c2003 sp 00007fffda712ba0
error 6 in libc-2.12.so[3000400000+18a000]
smartd[1478]: segfault at 160 ip 00007f3978f56003 sp 00007fff0b2501b0
error 6 in libc-2.12.so[7f3978e94000+18a000]
xl[1489]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1491]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1495]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1497]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1501]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1503]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1618]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
xl[1619]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
sed[1652]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
sed[1661]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
sed[1671]: segfault at 0 ip 00000030004c4800 sp 00007fffb757a6b8 error 6
in libc-2.12.so[3000400000+18a000]
sed[1678]: segfault at 0 ip 00000030004c4800 sp 00007ffff1e3db48 error 6
in libc-2.12.so[3000400000+18a000]
sed[1688]: segfault at 0 ip 00000030004c4800 sp 00007fff550a3b68 error 6
in libc-2.12.so[3000400000+18a000]
sed[1708]: segfault at 0 ip 00000030004c4800 sp 00007fffe1127118 error 6
in libc-2.12.so[3000400000+18a000]
sed[1744]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
in libc-2.12.so[3000400000+18a000]
sed[1768]: segfault at 0 ip 00000030004c4800 sp 00007fffee010d28 error 6
in libc-2.12.so[3000400000+18a000]
sed[1775]: segfault at 0 ip 00000030004c4800 sp 00007fff13814028 error 6
in libc-2.12.so[3000400000+18a000]

Downgrading to 2.12-1.149.el6_6.4 gives me a working system again.


On 28/01/2015 11:44 AM, Steven Haigh wrote:
> As an FYI:
> 
> A heap-based buffer overflow was found in __nss_hostname_digits_dots(),
> which is used by the gethostbyname() and gethostbyname2() glibc function
> call. A remote attacker could use this flaw to execute arbitary code
> with the permissions of the user running the application.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235
> 
> https://rhn.redhat.com/errata/RHSA-2015-0092.html
> 

-- 
Steven Haigh

Email: [log in to unmask]
Web: http://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897

ATOM RSS1 RSS2