GNU GLibC LD.SO Mask动态装载器整数溢出漏洞

Glibc是一款提供系统调用和基本函数的C库。 Glibc包含的动态装载器ld.so存在整数溢出，本地攻击者可以利用漏洞提升特权执行任意指令。 在动态装载器ld.so处理硬件'capabilities mask'时存在缺陷，如果'mask'被指定为一个高计数值，在分配内存时可导致整数溢出，可能以高特权执行任意指令。 GNU glibc 2.3.10 + Debian Linux 2.2 GNU glibc 2.3.4 GNU glibc 2.3.3 + MandrakeSoft apcupsd 2006.0 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 + RedHat Fedora Core2 GNU glibc 2.3.2 + Conectiva Linux 9.0 + RedHat Linux 9.0 i386 + RedHat Linux 8.0 + Trustix Secure Linux 2.0 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 GNU glibc 2.3.1 + Conectiva Linux 9.0 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + Slackware Linux 9.0 GNU glibc 2.3 GNU glibc 2.2.5 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + Gentoo Linux 0.7 + Gentoo Linux 0.5 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + RedHat Linux 7.3 i386 + RedHat Linux 7.3 + Slackware Linux 8.1 GNU glibc 2.2.4 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1.1 + Caldera OpenLinux Workstation 3.1 + Conectiva Linux 8.0 + HP Secure OS software for Linux 1.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 + RedHat Enterprise Linux WS 2.1 IA64 + RedHat Enterprise Linux WS 2.1 + RedHat Enterprise Linux ES 2.1 IA64 + RedHat Enterprise Linux ES 2.1 + RedHat Enterprise Linux AS 2.1 IA64 + RedHat Enterprise Linux AS 2.1 + RedHat Linux 7.2 i686 + RedHat Linux 7.2 i386 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i686 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alphaev6 + RedHat Linux 7.1 alpha + RedHat Linux 7.0 alphaev6 + RedHat Linux 7.0 i686 + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + RedHat Linux Advanced Work Station 2.1 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 + S.u.S.E. Linux 7.3 sparc + S.u.S.E. Linux 7.3 ppc + S.u.S.E. Linux 7.3 i386 + S.u.S.E. Linux 7.3 + S.u.S.E. Linux Database Server 0 + S.u.S.E. Linux Enterprise Server 7 + S.u.S.E. Linux Enterprise Server for S/390 + S.u.S.E. Linux Firewall on CD + S.u.S.E. SuSE eMail Server III + Sun Linux 5.0.7 + Sun Linux 5.0.6 + Sun Linux 5.0.5 + Sun Linux 5.0.3 + Sun Linux 5.0 GNU glibc 2.2.3 + Conectiva Linux 7.0 GNU glibc 2.2.2 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 + S.u.S.E. Linux 7.2 i386 + S.u.S.E. Linux 7.2 GNU glibc 2.2.1 GNU glibc 2.2 + S.u.S.E. Linux 7.1 x86 + S.u.S.E. Linux 7.1 sparc + S.u.S.E. Linux 7.1 ppc + S.u.S.E. Linux 7.1 alpha + S.u.S.E. Linux 7.1 + Wirex Immunix OS 7+ GNU glibc 2.1.3 -10 + Debian Linux 2.2 GNU glibc 2.1.3 + Conectiva Linux 6.0 + Conectiva Linux 5.1 + Conectiva Linux 5.0 + Conectiva Linux graficas + Conectiva Linux ecommerce + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 + EnGarde Secure Linux 1.0.1 + HP Secure OS software for Linux 1.0 + MandrakeSoft Corporate Server 1.0.1 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Linux Mandrake 7.1 + MandrakeSoft Single Network Firewall 7.2 + Openwall Openwall GNU/*/Linux 0.1 -stable + RedHat Linux 6.2 sparcv9 + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + RedHat Linux 6.2 + S.u.S.E. Linux 7.0 sparc + S.u.S.E. Linux 7.0 ppc + S.u.S.E. Linux 7.0 i386 + S.u.S.E. Linux 7.0 alpha + S.u.S.E. Linux 7.0 + S.u.S.E. Linux 6.4 ppc + S.u.S.E. Linux 6.4 i386 + S.u.S.E. Linux 6.4 alpha + S.u.S.E. Linux 6.4 + Trustix Secure Linux 1.5 + Trustix Secure Linux 1.2 + Trustix Secure Linux 1.1 + Trustix Secure Linux 1.0 1 GNU glibc 2.1.2 GNU glibc 2.1.1 -6 + RedHat Linux 6.0 GNU glibc 2.1.1 GNU glibc 2.1 GNU glibc 2.0.6 GNU glibc 2.0.5 GNU glibc 2.0.4 GNU glibc 2.0.3 GNU glibc 2.0.2 GNU glibc 2.0.1 GNU glibc 2.0 GNU glibc 2.5.0 GNU Cfengine 1.2.3 Gentoo Linux Gentoo linux可参考如下升级方法： # emerge --sync # emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.5-r4"