NSFOCUS绿盟科技

首页 -> 安全研究

安全研究

安全漏洞

Glibc Malloc函数竞争条件漏洞

发布日期：2003-08-23
更新日期：2003-08-27

受影响系统：

RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux AS 2.1 IA64

描述：

BUGTRAQ  ID: 8478

glibc是绝大多数Linux操作系统中C库的实现。

glibc包含的malloc函数在IA64平台上存在竞争条件问题，此问题可导致内存破坏。

目前没有详细漏洞细节提供。

<*来源：Red Hat Security Advisory

  链接：https://www.redhat.com/support/errata/RHSA-2003-249.html
*>

建议：

厂商补丁：

RedHat
------
RedHat已经为此发布了一个安全公告（RHSA-2003:249-11）以及相应补丁:
RHSA-2003:249-11：Updated glibc packages fix various issues
链接：https://www.redhat.com/support/errata/RHSA-2003-249.html

补丁下载：

Red Hat Enterprise Linux AS (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb

i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597

i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1

ia64:
glibc-2.2.4-32.8.ia64.rpm     3001471f06cdeb6dbe12a2dca31401a5
glibc-common-2.2.4-32.8.ia64.rpm     55f60657c2b2f320e2393f6441de56a2
glibc-devel-2.2.4-32.8.ia64.rpm     6e359bee323035b993214b6bfb89e903
glibc-profile-2.2.4-32.8.ia64.rpm     b17a6bdc87d729cd39b767694cdb8a26
nscd-2.2.4-32.8.ia64.rpm     74d03cd22fe036b2f181d3f6528b97fa

Red Hat Enterprise Linux ES (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb

i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597

i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1

Red Hat Enterprise Linux WS (v. 2.1)

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb

i386:
glibc-2.2.4-32.8.i386.rpm     a45f96f4d14dc6a7411699dae7929c2b
glibc-common-2.2.4-32.8.i386.rpm     4307ee9036a34fc75ac369b54560e8b8
glibc-devel-2.2.4-32.8.i386.rpm     d2a171dc3f0e406acb3089edc70add67
glibc-profile-2.2.4-32.8.i386.rpm     ed1d806491ef9bc28f435a7e6c8c8392
nscd-2.2.4-32.8.i386.rpm     7ada51ed827ebc1091f05c83186f0597

i686:
glibc-2.2.4-32.8.i686.rpm     ef0c8b62114ffdde63dafd6253c7e9d1

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

--------------------------------------------------------------------------------

SRPMS:
glibc-2.2.4-32.8.src.rpm     779b9371ed6f3df44413d43439aedcdb

ia64:
glibc-2.2.4-32.8.ia64.rpm     3001471f06cdeb6dbe12a2dca31401a5
glibc-common-2.2.4-32.8.ia64.rpm     55f60657c2b2f320e2393f6441de56a2
glibc-devel-2.2.4-32.8.ia64.rpm     6e359bee323035b993214b6bfb89e903
glibc-profile-2.2.4-32.8.ia64.rpm     b17a6bdc87d729cd39b767694cdb8a26
nscd-2.2.4-32.8.ia64.rpm     74d03cd22fe036b2f181d3f6528b97fa

上述包可以在如下地址获得：

http://rhn.redhat.com/

浏览次数：3208
严重程度：0（网友投票）

关于我们: 公司介绍; 公司荣誉; 公司新闻

联系我们: 公司总部; 分支机构; 海外机构

快速链接: 绿盟云; 绿盟威胁情报中心NTI; 技术博客