Summary: | <sys-libs/glibc-{2.37-r7,2.38-r5}: Local Privilege Escalation in ld.so | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | critical | CC: | bertrand, chaneybenjamini, flow, foufou33, ole+gentoo, sping, t-mo, toolchain |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2023/10/03/2 | ||
Whiteboard: | A1 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 915142 | ||
Bug Blocks: |
Description
Sam James
2023-10-03 17:58:11 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cf5480111cf4da127f6089fef7c2880e4f03cb48 commit cf5480111cf4da127f6089fef7c2880e4f03cb48 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2023-10-03 18:05:32 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2023-10-03 18:05:32 +0000 sys-libs/glibc: 2.37 patchlevel 10 bump Bug: https://bugs.gentoo.org/915127 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> sys-libs/glibc/Manifest | 1 + sys-libs/glibc/glibc-2.37-r7.ebuild | 1680 +++++++++++++++++++++++++++++++++++ 2 files changed, 1681 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e9ec2c1795c6528ca1ef440a45b0be7d3ff2d6e commit 0e9ec2c1795c6528ca1ef440a45b0be7d3ff2d6e Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2023-10-03 18:11:18 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2023-10-03 18:11:45 +0000 sys-libs/glibc: 2.38 patchlevel 5 bump Bug: https://bugs.gentoo.org/915127 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> sys-libs/glibc/Manifest | 1 + sys-libs/glibc/glibc-2.38-r5.ebuild | 1706 +++++++++++++++++++++++++++++++++++ 2 files changed, 1707 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9dac73faec799d2c7240f5545582cf70b8e33c49 commit 9dac73faec799d2c7240f5545582cf70b8e33c49 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2023-10-03 21:13:19 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2023-10-03 21:13:45 +0000 sys-libs/glibc: keyword 2.37-r7 Bug: https://bugs.gentoo.org/915127 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> sys-libs/glibc/glibc-2.37-r7.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d47811b1b91485d359aa8bdeab275a82a105e73 commit 7d47811b1b91485d359aa8bdeab275a82a105e73 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-10-03 21:41:08 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-10-03 21:41:08 +0000 sys-libs/glibc: keyword 2.38-r5 Bug: https://bugs.gentoo.org/915127 Signed-off-by: Sam James <sam@gentoo.org> sys-libs/glibc/glibc-2.38-r5.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=029e12731f29676d3f6ebed09f7747ee6e15c5e8 commit 029e12731f29676d3f6ebed09f7747ee6e15c5e8 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-10-04 08:02:08 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-10-04 08:02:41 +0000 [ GLSA 202310-03 ] glibc: Multiple vulnerabilities Bug: https://bugs.gentoo.org/867952 Bug: https://bugs.gentoo.org/914281 Bug: https://bugs.gentoo.org/915127 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202310-03.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) |