Opened 7 years ago
Last modified 7 years ago
#1185 new task
GLIBC 2.26 GLOB_TILDE exploit
Reported by: | William Harrington | Owned by: | |
---|---|---|---|
Priority: | critical | Milestone: | CLFS Standard 3.1.0 |
Component: | BOOK | Version: | CLFS Standard GIT |
Keywords: | glibc glob tilde exploit | Cc: | berzerkula@…, jonathan@…, chris@…, cross-lfs@… |
Description
Major vulnerability
Refer to the following URLs (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804):
- https://sourceware.org/bugzilla/show_bug.cgi?id=22320
- https://sourceware.org/bugzilla/show_bug.cgi?id=22325
- https://sourceware.org/bugzilla/show_bug.cgi?id=22332
Attached a patch for GLIBC 2.26 until 2.27 is released.
With the patch, not running a patched glibc on the system:
- FAIL: posix/tst-glob-tilde
- FAIL: posix/tst-glob-tilde-mem
posix/tst-glob-tilde.out:

```
Didn't expect signal from child: got `Aborted'
```

posix/tst-glob-tilde-mem.out:

```
Memory not freed:
-----------------
           Address     Size     Caller
0x00007f6d0f2a4010  0x7a131  at 0x402c8d
0x00007f6d10ccd8e0  0x1869a  at 0x7f6d0edf4ab5
0x00007f6d10cfbc90  0x18694  at 0x7f6d0edf4ab5
0x00007f6d10d14330  0x1869b  at 0x7f6d0edf4ab5
0x00007f6d10d39180  0x18695  at 0x7f6d0edf4ab5
0x00007f6d10d69ec0  0x18696  at 0x7f6d0edf4ab5
0x00007f6d10d82560  0x186a0  at 0x7f6d0ed8e6f7
0x00007f6d10d9ac10  0x1869c  at 0x7f6d0edf4ab5
```
Attachments (2)
Change History (3)
by , 7 years ago
Attachment: | glibc-2.26-glob_exploit-1.patch added |
---|
comment:1 by , 7 years ago
Updated the patch with latest glob changes in glibc 2.26 master, which effectively is 2.26.1 now if you look at the NEWS file.
- PASS: posix/tst-glob-tilde-mem original
exit status 0
- PASS: posix/tst-glob-tilde original
exit status 0
The attached filename is glibc-2.26-glob_fixes-1.patch
by , 7 years ago
Attachment: | glibc-2.26-glob_fixes-1.patch added |
---|
Updated glob tilde fixes from https://git.launchpad.net/glibc/?h=ibm%2F2.26%2Fmaster
GLIBC 2.26 GLOB TILDE exploit fixes