RHEL 7 : glibc (RHSA-2015:0327)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated glibc packages that fix two security issues and several bugs
are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The glibc packages provide the standard C libraries (libc), POSIX
thread libraries (libpthread), standard math libraries (libm), and the
Name Server Caching Daemon (nscd) used by multiple programs on the
system. Without these libraries, the Linux system cannot function
correctly.

An out-of-bounds read flaw was found in the way glibc's iconv()
function converted certain encoded data to UTF-8. An attacker able to
make an application call the iconv() function with a specially crafted
argument could use this flaw to crash that application.
(CVE-2014-6040)

It was found that the files back end of Name Service Switch (NSS) did
not isolate iteration over an entire database from key-based look-up
API calls. An application performing look-ups on a database while
iterating over it could enter an infinite loop, leading to a denial of
service. (CVE-2014-8121)

This update also fixes the following bugs :

* Due to problems with buffer extension and reallocation, the nscd
daemon terminated unexpectedly with a segmentation fault when
processing long netgroup entries. With this update, the handling of
long netgroup entries has been corrected and nscd no longer crashes in
the described scenario. (BZ#1138520)

* If a file opened in append mode was truncated with the ftruncate()
function, a subsequent ftell() call could incorrectly modify the file
offset. This update ensures that ftell() modifies the stream state
only when it is in append mode and the buffer for the stream is not
empty. (BZ#1156331)

* A defect in the C library headers caused builds with older compilers
to generate incorrect code for the btowc() function in the older
compatibility C++ standard library. Applications calling btowc() in
the compatibility C++ standard library became unresponsive. With this
update, the C library headers have been corrected, and the
compatibility C++ standard library shipped with Red Hat Enterprise
Linux has been rebuilt. Applications that rely on the compatibility
C++ standard library no longer hang when calling btowc(). (BZ#1120490)

* Previously, when using netgroups and the nscd daemon was set up to
cache netgroup information, the sudo utility denied access to valid
users. The bug in nscd has been fixed, and sudo now works in netgroups
as expected. (BZ#1080766)

Users of glibc are advised to upgrade to these updated packages, which
fix these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2014-6040.html
https://www.redhat.com/security/data/cve/CVE-2014-8121.html
http://rhn.redhat.com/errata/RHSA-2015-0327.html

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.8
(CVSS2#E:U/RL:ND/RC:UC)
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 81630 ()

Bugtraq ID: 73038

CVE ID: CVE-2014-6040
CVE-2014-8121

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now