Bug 1094150 - (CVE-2017-18269) VUL-0: CVE-2017-18269: glibc: memory corruption in memcpy-sse2-unaligned.S
(CVE-2017-18269)
VUL-0: CVE-2017-18269: glibc: memory corruption in memcpy-sse2-unaligned.S
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
i686 Other
: P3 - Medium : Normal
: ---
Assigned To: Andreas Schwab
Security Team bot
https://smash.suse.de/issue/206150/
CVSSv3:RedHat:CVE-2017-18269:5.3:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-05-22 07:57 UTC by Alexander Bergmann
Modified: 2019-03-04 16:29 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2018-05-22 07:57:29 UTC
rh#1580924

An SSE2-optimized memmove implementation for i386 in
sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka
glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping
memory check if the source memory range spans the middle of the address space,
resulting in corrupt data being produced by the copy operation. This may
disclose information to context-dependent attackers, or result in a denial of
service, or, possibly, code execution.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1580924
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18269
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18269.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18269
https://github.com/fingolfin/memmove-bug
https://sourceware.org/bugzilla/show_bug.cgi?id=22644
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
Comment 1 Alexander Bergmann 2018-05-22 07:59:39 UTC
SLE-12-SP2 and SLE-15 are affected.
Comment 2 Andreas Schwab 2018-05-22 09:12:31 UTC
This is x86-32 only.
Comment 4 Swamp Workflow Management 2018-06-06 13:07:41 UTC
SUSE-SU-2018:1562-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1086690,1094150,1094154,1094161
CVE References: CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Sources used:
SUSE OpenStack Cloud 7 (src):    glibc-2.22-62.13.2
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    glibc-2.22-62.13.2
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    glibc-2.22-62.13.2
SUSE Linux Enterprise Server 12-SP3 (src):    glibc-2.22-62.13.2
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    glibc-2.22-62.13.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    glibc-2.22-62.13.2
SUSE Enterprise Storage 4 (src):    glibc-2.22-62.13.2
SUSE CaaS Platform ALL (src):    glibc-2.22-62.13.2
OpenStack Cloud Magnum Orchestration 7 (src):    glibc-2.22-62.13.2
Comment 5 Andreas Stieger 2018-06-07 16:23:55 UTC
Is this done for SLE 15?
Comment 6 Andreas Schwab 2018-06-07 16:34:47 UTC
No, this is planned for post-release update.
Comment 7 Swamp Workflow Management 2018-06-07 22:15:29 UTC
openSUSE-SU-2018:1600-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1086690,1094150,1094154,1094161
CVE References: CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Sources used:
openSUSE Leap 42.3 (src):    glibc-2.22-19.1, glibc-2.22-19.2, glibc-testsuite-2.22-19.2, glibc-utils-2.22-19.1
Comment 9 Swamp Workflow Management 2018-07-19 13:12:25 UTC
SUSE-SU-2018:1991-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1082318,1092877,1094150,1094154,1094161
CVE References: CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Sources used:
SUSE Linux Enterprise Module for Development Tools 15 (src):    glibc-2.26-13.3.1, glibc-utils-src-2.26-13.3.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    glibc-2.26-13.3.1
Comment 10 Swamp Workflow Management 2018-08-01 16:08:43 UTC
openSUSE-SU-2018:2159-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1082318,1092877,1094150,1094154,1094161
CVE References: CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Sources used:
openSUSE Leap 15.0 (src):    glibc-2.26-lp150.11.6.120, glibc-testsuite-src-2.26-lp150.11.6.120, glibc-utils-src-2.26-lp150.11.6.120
Comment 11 Swamp Workflow Management 2018-10-18 17:59:44 UTC
SUSE-SU-2018:1562-2: An update that solves three vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1086690,1094150,1094154,1094161
CVE References: CVE-2017-18269,CVE-2018-11236,CVE-2018-11237
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    glibc-2.22-62.13.2
Comment 12 Andreas Schwab 2019-03-04 16:29:31 UTC
Fixed.