USN-944-1: GNU C Library vulnerabilities

Ubuntu Security Notice USN-944-1

25th May, 2010

glibc, eglibc vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 10.04 LTS
  • Ubuntu 9.10
  • Ubuntu 9.04
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Summary

The GNU C library did not correctly handle certain mnt entries, strfmon arguments, and ELF program headers.

Software description

  • eglibc - Shared system libraries
  • glibc - Shared system libraries

Details

Maksymilian Arciemowicz discovered that the GNU C library did not
correctly handle integer overflows in the strfmon function. If a user
or automated system were tricked into processing a specially crafted
format string, a remote attacker could crash applications, leading to
a denial of service. (Ubuntu 10.04 was not affected.) (CVE-2008-1391)

Jeff Layton and Dan Rosenberg discovered that the GNU C library did not
correctly handle newlines in the mntent family of functions. If a local
attacker were able to inject newlines into a mount entry through other
vulnerable mount helpers, they could disrupt the system or possibly gain
root privileges. (CVE-2010-0296)

Dan Rosenberg discovered that the GNU C library did not correctly validate
certain ELF program headers. If a user or automated system were tricked
into verifying a specially crafted ELF program, a remote attacker could
execute arbitrary code with user privileges. (CVE-2010-0830)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 10.04 LTS:
libc6 2.11.1-0ubuntu7.1
Ubuntu 9.10:
libc6 2.10.1-0ubuntu17
Ubuntu 9.04:
libc6 2.9-4ubuntu6.2
Ubuntu 8.04 LTS:
libc6 2.7-10ubuntu6
Ubuntu 6.06 LTS:
libc6 2.3.6-0ubuntu20.6

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart all services to make
the necessary changes.

References

CVE-2008-1391, CVE-2010-0296, CVE-2010-0830