
Security Advisory Important: glibc security update

Advisory: RHSA-2010:0793-1
Type: Security Advisory
Severity: Important
Issued on: 2010-10-25
Last updated on: 2010-10-25
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2010-3856

Details

Updated glibc packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The glibc packages contain the standard C libraries used by multiple
programs on the system. These packages contain the standard C and the
standard math libraries. Without these two libraries, a Linux system cannot
function properly.

It was discovered that the glibc dynamic linker/loader did not perform
sufficient safety checks when loading dynamic shared objects (DSOs) to
provide callbacks for its auditing API during the execution of
privileged programs. A local attacker could use this flaw to escalate
their privileges via a carefully-chosen system DSO library containing
unsafe constructors. (CVE-2010-3856)

Red Hat would like to thank Ben Hawkes and Tavis Ormandy for reporting this
issue.

All users should upgrade to these updated packages, which contain a
backported patch to correct this issue.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
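
To confirm that a host carries the fixed build, compare the installed glibc version-release against 2.5-49.el5_5.7 using RPM's ordering rules, since a plain string comparison misorders releases such as el5_5.10 and el5_5.7. The Python code below is an added example and not part of the Red Hat advisory; its function names and the sample query output are constructed for illustration, and it does not handle the '~' and '^' markers of newer RPM versions.

```python
import re

FIXED = "2.5-49.el5_5.7"  # fixed glibc version-release named in this advisory

def rpmvercmp(a, b):
    """Compare two RPM version or release strings; returns -1, 0 or 1.

    Strings are split into runs of digits or letters. Digit runs compare
    numerically, letter runs as strings, and a digit run is newer than a
    letter run. Separators such as '.' and '_' only delimit the runs.
    """
    seg_a = re.findall(r"[0-9]+|[A-Za-z]+", a)
    seg_b = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        kx, ky = (int(x), int(y)) if x.isdigit() else (x, y)
        if kx != ky:
            return 1 if kx > ky else -1
    # All shared segments are equal: the string with segments left is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))

def compare_vr(a, b):
    """Compare 'version-release' strings (no epoch is handled here)."""
    ver_a, _, rel_a = a.partition("-")
    ver_b, _, rel_b = b.partition("-")
    return rpmvercmp(ver_a, ver_b) or rpmvercmp(rel_a, rel_b)

def unpatched(query_output, fixed=FIXED):
    r"""Return (version-release, arch) pairs older than the fixed build.

    query_output is the text printed by:
      rpm -q --qf '%{VERSION}-%{RELEASE} %{ARCH}\n' glibc
    Every line is checked because multilib hosts install more than one
    glibc (for example i686 next to x86_64).
    """
    rows = (l.split() for l in query_output.splitlines() if l.strip())
    return [(vr, arch) for vr, arch in rows if compare_vr(vr, fixed) < 0]

# Constructed sample output, not taken from a real host.
SAMPLE = "2.5-49.el5_5.7 x86_64\n2.5-49.el5_5.6 i686\n"

if __name__ == "__main__":
    print(unpatched(SAMPLE))
```

An empty list means every installed glibc architecture is at or above the fixed build.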

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
glibc-2.5-49.el5_5.7.src.rpm
File outdated by:  RHSA-2013:1411

IA-32:
glibc-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.i686.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411

IA-64:
glibc-2.5-49.el5_5.7.i686.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.ia64.rpm
File outdated by:  RHSA-2013:1411

PPC:
glibc-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.ppc64.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.ppc64.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.ppc.rpm
File outdated by:  RHSA-2013:1411

s390x:
glibc-2.5-49.el5_5.7.s390.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.s390.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.s390x.rpm
File outdated by:  RHSA-2013:1411

x86_64:
glibc-2.5-49.el5_5.7.i686.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
glibc-2.5-49.el5_5.7.src.rpm
File outdated by:  RHSA-2013:1411

IA-32:
glibc-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.i686.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411

x86_64:
glibc-2.5-49.el5_5.7.i686.rpm
File outdated by:  RHSA-2013:1411
glibc-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-common-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.i386.rpm
File outdated by:  RHSA-2013:1411
glibc-devel-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-headers-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
glibc-utils-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
nscd-2.5-49.el5_5.7.x86_64.rpm
File outdated by:  RHSA-2013:1411
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

645672 - CVE-2010-3856 glibc: ld.so arbitrary DSO loading via LD_AUDIT in setuid/setgid programs


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/