Advisories ยป MGASA-2018-0098

Updated glibc packages fix security vulnerabilities

Publication date: 25 Jan 2018
Modification date: 25 Jan 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-16997 , CVE-2018-1000001

Description

An issue in the code handling RPATHs was fixed that could have been
exploited by an attacker to execute code loaded from arbitrary
libraries (CVE-2017-16997).

A privilege escalation bug in the realpath() function when the getcwd()
system call doesn't return a valid absolute pathname (CVE-2018-1000001).
                

References

SRPMS

5/core