Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#48213 - [glibc] bug, CVE2016-7547

Attached to Project: Arch Linux
Opened by Ingo Albrecht (indigo) - Tuesday, 16 February 2016, 19:06 GMT
Last edited by Allan McRae (Allan) - Wednesday, 17 February 2016, 05:29 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Allan McRae (Allan)
Architecture All
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 9
Private No

Details

Description:

Bug to track remote exploitable:
CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow

Additional info:
* glibc & lib32-glibc <= 2.22-3

[1] Disclosure: https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
[2] Disclousre: https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
[3] Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=18665

Steps to reproduce:
see above links
This task depends upon

Closed by  Allan McRae (Allan)
Wednesday, 17 February 2016, 05:29 GMT
Reason for closing:  Fixed
Additional comments about closing:  glibc-2.22-4
Comment by Ingo Albrecht (indigo) - Tuesday, 16 February 2016, 19:11 GMT
(description should read CVE2015-7547 not 2016)
Comment by Matt Corallo (BlueMatt) - Tuesday, 16 February 2016, 20:34 GMT Comment by Pascal E. (hardfalcon) - Tuesday, 16 February 2016, 21:18 GMT
That patch needs a few changes for hunk #6 to actually work. I've attached the adapted version.

I've built the glibc package successfully with this patch, and am currently running it on 3-4 of my boxes, without any problems/crashes so far.
Comment by Levente Polyak (anthraxx) - Tuesday, 16 February 2016, 23:39 GMT
just to confirm, patch looks legit, diff between upstream:

313c330
< @@ -767,36 +855,14 @@ send_vc(res_state statp,
---
> @@ -767,40 +855,14 @@ send_vc(res_state statp,
328a346
> -#if __GNUC_PREREQ (4, 7)
330a349
> -#endif
340a360
> -#if __GNUC_PREREQ (4, 7)
341a362
> -#endif
550a572
>
Comment by Sebastian Götte (jaseg) - Wednesday, 17 February 2016, 00:51 GMT
Can confirm this patch building and (for now) working on one pretty basic install (ssh, mosh, weechat on x86_64).

Loading...