A glibc security update has been released for AlmaLinux.
ALSA-2022:0896 Moderate: glibc security update
Type:
security
Severity:
moderate
Release date:
2022-03-16
Description
Security Fix(es):
* glibc: Off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999)
* glibc: Stack-based buffer overflow in svcunix_create via long pathnames (CVE-2022-23218)
* glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname (CVE-2022-23219)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
CVE-2021-3999
CVE-2022-23218
CVE-2022-23219
Updates packages:
compat-libpthread-nonshared-2.28-164.el8_5.3.x86_64.rpm
glibc-utils-2.28-164.el8_5.3.x86_64.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.