AlmaLinux 2325 Published by

A glibc security update has been released for AlmaLinux.



ALSA-2022:0896 Moderate: glibc security update


Type:
security

Severity:
moderate

Release date:
2022-03-16

Description
Security Fix(es):
* glibc: Off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999)
* glibc: Stack-based buffer overflow in svcunix_create via long pathnames (CVE-2022-23218)
* glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname (CVE-2022-23219)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2021-3999
CVE-2022-23218
CVE-2022-23219

Updates packages:
compat-libpthread-nonshared-2.28-164.el8_5.3.x86_64.rpm
glibc-utils-2.28-164.el8_5.3.x86_64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:0896 Moderate: glibc security update