﻿id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
1185	GLIBC 2.26 GLOB_TILDE exploit	William Harrington	clfs-commits@…	"'''Major vulnerability'''

Refer to the following URLs
(CVE-2017-15670, CVE-2017-15671, CVE-2017-15804):

* [https://sourceware.org/bugzilla/show_bug.cgi?id=22320]
* [https://sourceware.org/bugzilla/show_bug.cgi?id=22325]
* [https://sourceware.org/bugzilla/show_bug.cgi?id=22332]

Attached a patch for GLIBC 2.26 until 2.27 is released.

With the patch, not running a patched glibc on the system:

* FAIL: posix/tst-glob-tilde
* FAIL: posix/tst-glob-tilde-mem

 
{{{
posix/tst-glob-tilde.out
Didn't expect signal from child: got `Aborted'
}}}

{{{
posix/tst-glob-tilde-mem.out

Memory not freed:
-----------------
           Address     Size     Caller
0x00007f6d0f2a4010  0x7a131  at 0x402c8d
0x00007f6d10ccd8e0  0x1869a  at 0x7f6d0edf4ab5
0x00007f6d10cfbc90  0x18694  at 0x7f6d0edf4ab5
0x00007f6d10d14330  0x1869b  at 0x7f6d0edf4ab5
0x00007f6d10d39180  0x18695  at 0x7f6d0edf4ab5
0x00007f6d10d69ec0  0x18696  at 0x7f6d0edf4ab5
0x00007f6d10d82560  0x186a0  at 0x7f6d0ed8e6f7
0x00007f6d10d9ac10  0x1869c  at 0x7f6d0edf4ab5
}}}"	task	new	critical	CLFS Standard 3.1.0	BOOK	CLFS Standard GIT		glibc glob tilde exploit	berzerkula@… jonathan@… chris@… cross-lfs@…
