Scientific Linux Security Update : glibc on SL6.x i386/x86_64
High Nessus Plugin ID 60891
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionIt was discovered that the glibc dynamic linker/loader did not handle the $ORIGIN dynamic string token set in the LD_AUDIT environment variable securely. A local attacker with write access to a file system containing setuid or setgid binaries could use this flaw to escalate their privileges. (CVE-2010-3847)
It was discovered that the glibc dynamic linker/loader did not perform sufficient safety checks when loading dynamic shared objects (DSOs) to provide callbacks for its auditing API during the execution of privileged programs. A local attacker could use this flaw to escalate their privileges via a carefully-chosen system DSO library containing unsafe constructors. (CVE-2010-3856)
This update also fixes the following bugs :
- Previously, the generic implementation of the strstr() and memmem() functions did not handle certain periodic patterns correctly and could find a false positive match. This error has been fixed, and both functions now work as expected. (BZ#643341)
- The 'TCB_ALIGNMENT' value has been increased to 32 bytes to prevent applications from crashing during symbol resolution on 64-bit systems with support for Intel AVX vector registers. (BZ#643343)
SolutionUpdate the affected packages.