安全研究

安全漏洞
Glibc Malloc函数竞争条件漏洞

发布日期:2003-08-23
更新日期:2003-08-27

受影响系统:
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux AS 2.1 IA64
描述:
BUGTRAQ  ID: 8478

glibc是绝大多数Linux操作系统中C库的实现。

glibc包含的malloc函数在IA64平台上存在竞争条件问题,此问题可导致内存破坏。

目前没有详细漏洞细节提供。

<*来源:Red Hat Security Advisory
  
  链接:https://www.redhat.com/support/errata/RHSA-2003-249.html
*>

建议:
厂商补丁:

RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2003:249-11)以及相应补丁:
RHSA-2003:249-11:Updated glibc packages fix various issues
链接:https://www.redhat.com/support/errata/RHSA-2003-249.html

补丁下载:

Red Hat Enterprise Linux AS (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb
  
i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597
  
i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1
  
ia64:
glibc-2.2.4-32.8.ia64.rpm     3001471f06cdeb6dbe12a2dca31401a5
glibc-common-2.2.4-32.8.ia64.rpm     55f60657c2b2f320e2393f6441de56a2
glibc-devel-2.2.4-32.8.ia64.rpm     6e359bee323035b993214b6bfb89e903
glibc-profile-2.2.4-32.8.ia64.rpm     b17a6bdc87d729cd39b767694cdb8a26
nscd-2.2.4-32.8.ia64.rpm     74d03cd22fe036b2f181d3f6528b97fa
  
Red Hat Enterprise Linux ES (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb
  
i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597
  
i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1
  
Red Hat Enterprise Linux WS (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb
  
i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597
  
i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1
  
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb
  
ia64:
glibc-2.2.4-32.8.ia64.rpm     3001471f06cdeb6dbe12a2dca31401a5
glibc-common-2.2.4-32.8.ia64.rpm     55f60657c2b2f320e2393f6441de56a2
glibc-devel-2.2.4-32.8.ia64.rpm     6e359bee323035b993214b6bfb89e903
glibc-profile-2.2.4-32.8.ia64.rpm     b17a6bdc87d729cd39b767694cdb8a26
nscd-2.2.4-32.8.ia64.rpm     74d03cd22fe036b2f181d3f6528b97fa

上述包可以在如下地址获得:

http://rhn.redhat.com/

浏览次数:3222
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障