LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

January 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS January 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: CVE-2015-0235 / RHSA-2015:0092
From:	Steven Haigh <[log in to unmask]>
Reply To:	Steven Haigh <[log in to unmask]>
Date:	Wed, 28 Jan 2015 18:41:27 +1100
Content-Type:	multipart/signed
Parts/Attachments:	text/plain (4 kB) , signature.asc (4 kB)

Hi again all,

This might be a false alarm.

I tried to do more testing on different systems and have been unable to
reproduce this... I did a full package check and all was good.
Reinstalled the latest updates to glibc and things worked properly this
time.

If you want extra safety, for this upgrade, make sure you have a copy of
the old packages in case you find a problem too...

On 28/01/2015 5:30 PM, Steven Haigh wrote:
> Hi all,
> 
> Looks like there is something wrong with the new glibc packages pushed
> to address this.
> 
> With the following packages installed:
> glibc-2.12-1.149.el6_6.5
> glibc-common-2.12-1.149.el6_6.5
> 
> Many segfaults like:
> sed[749]: segfault at 0 ip 00000030004c4800 sp 00007fff71c57038 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[763]: segfault at 0 ip 00000030004c4800 sp 00007fff78303768 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[785]: segfault at 0 ip 00000030004c4800 sp 00007fff1b4d04c8 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[792]: segfault at 0 ip 00000030004c4800 sp 00007fffae46a6d8 error 6
> in libc-2.12.so[3000400000+18a000]
> grep[925]: segfault at 2a0 ip 00000030004c2003 sp 00007fffbb544dd0 error
> 6 in libc-2.12.so[3000400000+18a000]
> grep[937]: segfault at 2a0 ip 00000030004c2003 sp 00007fff830c0130 error
> 6 in libc-2.12.so[3000400000+18a000]
> sed[1028]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1050]: segfault at 0 ip 00000030004c4800 sp 00007fffbf52de08 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1055]: segfault at 0 ip 00000030004c4800 sp 00007fff15bde3f8 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1074]: segfault at 0 ip 00000030004c4800 sp 00007fff7bc97858 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1079]: segfault at 0 ip 00000030004c4800 sp 00007fff01b59ab8 error 6
> in libc-2.12.so[3000400000+18a000]
> grep[1180]: segfault at 2e0 ip 00000030004c2003 sp 00007fff58432e70
> error 6 in libc-2.12.so[3000400000+18a000]
> egrep[1427]: segfault at 320 ip 00000030004c2003 sp 00007fffda712ba0
> error 6 in libc-2.12.so[3000400000+18a000]
> smartd[1478]: segfault at 160 ip 00007f3978f56003 sp 00007fff0b2501b0
> error 6 in libc-2.12.so[7f3978e94000+18a000]
> xl[1489]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1491]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1495]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1497]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1501]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1503]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1618]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> xl[1619]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1652]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1661]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1671]: segfault at 0 ip 00000030004c4800 sp 00007fffb757a6b8 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1678]: segfault at 0 ip 00000030004c4800 sp 00007ffff1e3db48 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1688]: segfault at 0 ip 00000030004c4800 sp 00007fff550a3b68 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1708]: segfault at 0 ip 00000030004c4800 sp 00007fffe1127118 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1744]: segfault at 0 ip 00000030004c2091 sp           (null) error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1768]: segfault at 0 ip 00000030004c4800 sp 00007fffee010d28 error 6
> in libc-2.12.so[3000400000+18a000]
> sed[1775]: segfault at 0 ip 00000030004c4800 sp 00007fff13814028 error 6
> in libc-2.12.so[3000400000+18a000]
> 
> Downgrading to 2.12-1.149.el6_6.4 gives me a working system again.
> 
> 
> On 28/01/2015 11:44 AM, Steven Haigh wrote:
>> As an FYI:
>>
>> A heap-based buffer overflow was found in __nss_hostname_digits_dots(),
>> which is used by the gethostbyname() and gethostbyname2() glibc function
>> call. A remote attacker could use this flaw to execute arbitary code
>> with the permissions of the user running the application.
>>
>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235
>>
>> https://rhn.redhat.com/errata/RHSA-2015-0092.html
>>
> 

-- 
Steven Haigh

Email: [log in to unmask]
Web: http://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV