Scientific Linux Security Update : glibc on SL5.x i386/x86_64

This script is Copyright (C) 2013 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

Multiple integer overflow flaws, leading to heap-based buffer
overflows, were found in glibc's memory allocator functions (pvalloc,
valloc, and memalign). If an application used such a function, it
could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the
application. (CVE-2013-4332)

This update also fixes the following bug :

- Prior to this update, the size of the L3 cache in
certain CPUs for SMP (Symmetric Multiprocessing) servers
was not correctly detected. The incorrect cache size
detection resulted in less than optimal performance for
routines that used this information, including the
memset() function. To fix this bug, the cache size
detection has been corrected and core routines including
memset() have their performance restored to expected

See also :

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 70393 ()

Bugtraq ID:

CVE ID: CVE-2013-4332

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now