OracleVM 3.3 : glibc (OVMSA-2014-0017)

High Nessus Plugin ID 79539

VPR Score: 6.7

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates:

- Remove gconv transliteration loadable modules support (CVE-2014-5119,

- _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,

- Don't use alloca in addgetnetgrentX (#1087789).

- Adjust pointers to triplets in netgroup query data (#1087789).

- Return EAI_AGAIN for AF_UNSPEC when herrno is TRY_AGAIN (#1098050).

- Fix race in free of fastbin chunk (#1091162).

- Revert the addition of gettimeofday vDSO function for ppc and ppc64 until OPD VDSO function call issues are resolved (#1026533).

- Call gethostbyname4_r only for PF_UNSPEC (#1022022).

- Fix integer overflows in *valloc and memalign (#1008310).

- Initialize res_hconf in nscd (#970090).

- Update previous patch for dcigettext.c and loadmsgcat.c (#834386).

- Save search paths before performing relro protection (#988931).

- Correctly name the 240-bit slow path systemtap probe slowpow_p10 for slowpow (#905575).

- Align value of stacksize in nptl-init (#663641).

- Renamed release engineering directory from 'fedora' to 'releng' (#903754).

- Backport GLIBC sched_getcpu and gettimeofday vDSO functions for ppc (#929302).

- Fall back to local DNS if resolv.conf does not define nameservers (#928318).

- Add systemtap probes to slowexp and slowpow (#905575).

- Fix getaddrinfo stack overflow resulting in application crash (CVE-2013-1914, #951213).

- Fix multibyte character processing crash in regexp (CVE-2013-0242, #951213).

- Add netgroup cache support for nscd (#629823).

- Fix multiple nss_compat initgroups bugs (#966778).

- Don't use simple lookup for AF_INET when AI_CANONNAME is set (#863384).

- Add MAP_HUGETLB and MAP_STACK support (#916986).

- Update translation for stale file handle error (#970776).

- Improve performance of _SC_NPROCESSORS_ONLN (#rh952422).

- Fix up _init in pt-initfini to accept arguments (#663641).

- Set reasonable limits on xdr requests to prevent memory leaks (#848748).

- Fix mutex locking for PI mutexes on spurious wake-ups on pthread condvars (#552960).

- New environment variable GLIBC_PTHREAD_STACKSIZE to set thread stack size (#663641).

- Improved handling of recursive calls in backtrace (#868808).

- The ttyname and ttyname_r functions on Linux now fall back to searching for the tty file descriptor in /dev/pts or /dev if /proc is not available. This allows creation of chroots without the procfs mounted on /proc (#851470).

- Don't free rpath strings allocated during startup until after ld.so is re-relocated. (#862094)

- Consistently MANGLE/DEMANGLE function pointers. Fix use after free in dcigettext.c (#834386).

- Change rounding mode only when necessary (#966775).

- Backport of code to allow incremental loading of library list (#886968).

- Fix loading of audit libraries when TLS is in use (#919562)

- Fix application of SIMD FP exception mask (#929388).

Solution

Update the affected glibc / glibc-common / nscd packages.

See Also

http://www.nessus.org/u?2eb23e08

Plugin Details

Severity: High

ID: 79539

File Name: oraclevm_OVMSA-2014-0017.nasl

Version: 1.9

Type: local

Published: 2014/11/26

Updated: 2021/01/04

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6.7

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:glibc, p-cpe:/a:oracle:vm:glibc-common, p-cpe:/a:oracle:vm:nscd, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/09/03

Vulnerability Publication Date: 2013/02/08

Reference Information

CVE: CVE-2013-0242, CVE-2013-1914, CVE-2014-0475, CVE-2014-5119

BID: 57638, 58839, 68505, 68983, 69738