CVE-2022-39046: An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.

Patch is 52a5be0df411ef3ff45c10c7c308cb92993d15b1:

commit 52a5be0df411ef3ff45c10c7c308cb92993d15b1
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date:   Sun Aug 28 16:52:53 2022 -0300

    syslog: Fix large messages (BZ#29536)

    The a583b6add407c17cd change did not handle large messages that
    would require a heap allocation correctly, where the message itself
    is not take in consideration.

    This patch fixes it and extend the tst-syslog to check for large
    messages as well.

    Checked on x86_64-linux-gnu.

    Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Fixed in our 2.36-r5, already stable.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=67a7c931b9e46159493205e847aa1ec3d1dc7ef0

commit 67a7c931b9e46159493205e847aa1ec3d1dc7ef0
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2022-12-05 23:47:58 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2022-12-05 23:48:36 +0000

    package.mask: Extend old glibc mask, bug 867952

    Bug: https://bugs.gentoo.org/867952
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 profiles/package.mask | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
All vulnerable versions masked. No cleanup.
My understanding is this bug was introduced in 2.36, fixed in 2.37 and the fix backported to 2.36. 2.35 and lower are unaffected. Or am I missing something?
(In reply to Eddie Chapman from comment #4)
> My understanding is this bug was introduced in 2.36, fixed in 2.37 and the
> fix backported to 2.36. 2.35 and lower are unaffected. Or am I missing
> something?

That seems right (but I'm not really familiar with glibc, just gleaned this from poking around in git a bit)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=029e12731f29676d3f6ebed09f7747ee6e15c5e8

commit 029e12731f29676d3f6ebed09f7747ee6e15c5e8
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-10-04 08:02:08 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-04 08:02:41 +0000

    [ GLSA 202310-03 ] glibc: Multiple vulnerabilities

    Bug: https://bugs.gentoo.org/867952
    Bug: https://bugs.gentoo.org/914281
    Bug: https://bugs.gentoo.org/915127
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202310-03.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)