CESA-2018:3092 -- centos 7 glibcID: oval:org.secpod.oval:def:204912 | Date: (C)2021-01-19 (M)2024-04-17 |
Class: PATCH | Family: unix |
The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries * glibc: Integer overflow in posix_memalign in memalign functions * glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow * glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.