File _patchinfo of Package patchinfo.7596

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.7596

<patchinfo incident="7596">
  <issue tracker="bnc" id="1094150">VUL-0: CVE-2017-18269: glibc: memory corruption in memcpy-sse2-unaligned.S</issue>
  <issue tracker="bnc" id="1086690">Partner-L3: SLES 15: getaddrinfo segfaults if malloc fails in a specific way</issue>
  <issue tracker="bnc" id="1094161">VUL-0: CVE-2018-11236: glibc: 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments</issue>
  <issue tracker="bnc" id="1094154">VUL-0: CVE-2018-11237: glibc: An AVX-512-optimized implementation of the mempcpy function in the GNU C Library(aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer,leading to a buffer overflow in __mempcpy_avx512_n</issue>
  <issue tracker="cve" id="2018-11237"/>
  <issue tracker="cve" id="2018-11236"/>
  <issue tracker="cve" id="2017-18269"/>
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <description>
  
This update for glibc fixes the following issues:

- CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary (bsc#1094150)
- CVE-2018-11236: Fix overflow in path length computation (bsc#1094161)
- CVE-2018-11237: Don't write beyond buffer destination in __mempcpy_avx512_no_vzeroupper (bsc#1094154)

Non security bugs fixed:

- Fix crash in resolver on memory allocation failure (bsc#1086690)

</description>
  <summary>Security update for glibc</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.7596

Places