Advisories » MGASA-2015-0013

Updated glibc packages fix security vulnerabilities

Publication date: 08 Jan 2015
Type: security
Affected Mageia releases: 4
CVE: CVE-2012-3406, CVE-2014-9402


The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc)
2.5, 2.12, and probably other versions does not "properly restrict the use of"
the alloca function when allocating the SPECS array, which allows context-
dependent attackers to bypass the FORTIFY_SOURCE format-string protection
mechanism and cause a denial of service (crash) or possibly execute arbitrary
code via a crafted format string using positional parameters and a large
number of format specifiers (CVE-2012-3406).
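
The allocation pattern behind CVE-2012-3406, as an added example that is not glibc's code and not part of the advisory: an array with one entry per format specifier stays in a fixed stack buffer and moves to the heap above a threshold, instead of being sized with alloca from the format string. STACK_SPECS, MAX_SPECS, struct spec and both function names are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#define STACK_SPECS 32    /* assumed threshold: larger arrays go to the heap */
#define MAX_SPECS   4096  /* assumed policy limit on specifiers per format */

struct spec { size_t offset; };  /* hypothetical stand-in for a parsed specifier */
/* Count conversion specifications; "%%" is a literal percent sign. */
size_t count_specs(const char *fmt)
{
    size_t n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }
        n++;
    }
    return n;
}

/* Record the offset of every specifier. Returns 0 on success, -1 when the
   format is rejected or memory runs out. Risky form this replaces:
   specs = alloca(n * sizeof *specs); with n taken from the format string. */
int parse_format(const char *fmt, size_t *nspecs, int *used_heap)
{
    struct spec stack_specs[STACK_SPECS];
    struct spec *specs = stack_specs;
    size_t n = count_specs(fmt), i = 0;
    *nspecs = 0; *used_heap = 0;
    if (n > MAX_SPECS) return -1;
    if (n > STACK_SPECS) {
        specs = calloc(n, sizeof *specs);  /* calloc checks n * size for overflow */
        if (specs == NULL) return -1;
        *used_heap = 1;
    }
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        if (p[1] == '%') { p++; continue; }
        specs[i++].offset = (size_t)(p - fmt);
    }
    *nspecs = i;
    if (*used_heap) free(specs);
    return 0;
}

int main(void)
{
    size_t n; int heap;
    int rc = parse_format("%1$d %2$s", &n, &heap);  /* constructed sample */
    return printf("rc=%d specs=%zu heap=%d\n", rc, n, heap) < 0;
}
```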

The nss_dns implementation of getnetbyname could run into an infinite loop
if the DNS response contained a PTR record of an unexpected format
(CVE-2014-9402).

Also glibc lock elision (new feature in glibc 2.18) has been disabled
as it can break glibc at runtime on newer Intel hardware (due to hardware