CentOS Linux: CVE-2021-3999: Moderate: glibc security update (CESA-2022:0896)
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
03/15/2022
03/16/2022
03/16/2022
05/25/2023
Description
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
Solution(s)
- centos-upgrade-compat-libpthread-nonshared
- centos-upgrade-glibc
- centos-upgrade-glibc-all-langpacks
- centos-upgrade-glibc-common
- centos-upgrade-glibc-debuginfo
- centos-upgrade-glibc-debuginfo-common
- centos-upgrade-glibc-devel
- centos-upgrade-glibc-headers
- centos-upgrade-glibc-langpack-aa
- centos-upgrade-glibc-langpack-af
- centos-upgrade-glibc-langpack-agr
- centos-upgrade-glibc-langpack-ak
- centos-upgrade-glibc-langpack-am
- centos-upgrade-glibc-langpack-an
- centos-upgrade-glibc-langpack-anp
- centos-upgrade-glibc-langpack-ar
- centos-upgrade-glibc-langpack-as
- centos-upgrade-glibc-langpack-ast
- centos-upgrade-glibc-langpack-ayc
- centos-upgrade-glibc-langpack-az
- centos-upgrade-glibc-langpack-be
- centos-upgrade-glibc-langpack-bem
- centos-upgrade-glibc-langpack-ber
- centos-upgrade-glibc-langpack-bg
- centos-upgrade-glibc-langpack-bhb
- centos-upgrade-glibc-langpack-bho
- centos-upgrade-glibc-langpack-bi
- centos-upgrade-glibc-langpack-bn
- centos-upgrade-glibc-langpack-bo
- centos-upgrade-glibc-langpack-br
- centos-upgrade-glibc-langpack-brx
- centos-upgrade-glibc-langpack-bs
- centos-upgrade-glibc-langpack-byn
- centos-upgrade-glibc-langpack-ca
- centos-upgrade-glibc-langpack-ce
- centos-upgrade-glibc-langpack-chr
- centos-upgrade-glibc-langpack-cmn
- centos-upgrade-glibc-langpack-crh
- centos-upgrade-glibc-langpack-cs
- centos-upgrade-glibc-langpack-csb
- centos-upgrade-glibc-langpack-cv
- centos-upgrade-glibc-langpack-cy
- centos-upgrade-glibc-langpack-da
- centos-upgrade-glibc-langpack-de
- centos-upgrade-glibc-langpack-doi
- centos-upgrade-glibc-langpack-dsb
- centos-upgrade-glibc-langpack-dv
- centos-upgrade-glibc-langpack-dz
- centos-upgrade-glibc-langpack-el
- centos-upgrade-glibc-langpack-en
- centos-upgrade-glibc-langpack-eo
- centos-upgrade-glibc-langpack-es
- centos-upgrade-glibc-langpack-et
- centos-upgrade-glibc-langpack-eu
- centos-upgrade-glibc-langpack-fa
- centos-upgrade-glibc-langpack-ff
- centos-upgrade-glibc-langpack-fi
- centos-upgrade-glibc-langpack-fil
- centos-upgrade-glibc-langpack-fo
- centos-upgrade-glibc-langpack-fr
- centos-upgrade-glibc-langpack-fur
- centos-upgrade-glibc-langpack-fy
- centos-upgrade-glibc-langpack-ga
- centos-upgrade-glibc-langpack-gd
- centos-upgrade-glibc-langpack-gez
- centos-upgrade-glibc-langpack-gl
- centos-upgrade-glibc-langpack-gu
- centos-upgrade-glibc-langpack-gv
- centos-upgrade-glibc-langpack-ha
- centos-upgrade-glibc-langpack-hak
- centos-upgrade-glibc-langpack-he
- centos-upgrade-glibc-langpack-hi
- centos-upgrade-glibc-langpack-hif
- centos-upgrade-glibc-langpack-hne
- centos-upgrade-glibc-langpack-hr
- centos-upgrade-glibc-langpack-hsb
- centos-upgrade-glibc-langpack-ht
- centos-upgrade-glibc-langpack-hu
- centos-upgrade-glibc-langpack-hy
- centos-upgrade-glibc-langpack-ia
- centos-upgrade-glibc-langpack-id
- centos-upgrade-glibc-langpack-ig
- centos-upgrade-glibc-langpack-ik
- centos-upgrade-glibc-langpack-is
- centos-upgrade-glibc-langpack-it
- centos-upgrade-glibc-langpack-iu
- centos-upgrade-glibc-langpack-ja
- centos-upgrade-glibc-langpack-ka
- centos-upgrade-glibc-langpack-kab
- centos-upgrade-glibc-langpack-kk
- centos-upgrade-glibc-langpack-kl
- centos-upgrade-glibc-langpack-km
- centos-upgrade-glibc-langpack-kn
- centos-upgrade-glibc-langpack-ko
- centos-upgrade-glibc-langpack-kok
- centos-upgrade-glibc-langpack-ks
- centos-upgrade-glibc-langpack-ku
- centos-upgrade-glibc-langpack-kw
- centos-upgrade-glibc-langpack-ky
- centos-upgrade-glibc-langpack-lb
- centos-upgrade-glibc-langpack-lg
- centos-upgrade-glibc-langpack-li
- centos-upgrade-glibc-langpack-lij
- centos-upgrade-glibc-langpack-ln
- centos-upgrade-glibc-langpack-lo
- centos-upgrade-glibc-langpack-lt
- centos-upgrade-glibc-langpack-lv
- centos-upgrade-glibc-langpack-lzh
- centos-upgrade-glibc-langpack-mag
- centos-upgrade-glibc-langpack-mai
- centos-upgrade-glibc-langpack-mfe
- centos-upgrade-glibc-langpack-mg
- centos-upgrade-glibc-langpack-mhr
- centos-upgrade-glibc-langpack-mi
- centos-upgrade-glibc-langpack-miq
- centos-upgrade-glibc-langpack-mjw
- centos-upgrade-glibc-langpack-mk
- centos-upgrade-glibc-langpack-ml
- centos-upgrade-glibc-langpack-mn
- centos-upgrade-glibc-langpack-mni
- centos-upgrade-glibc-langpack-mr
- centos-upgrade-glibc-langpack-ms
- centos-upgrade-glibc-langpack-mt
- centos-upgrade-glibc-langpack-my
- centos-upgrade-glibc-langpack-nan
- centos-upgrade-glibc-langpack-nb
- centos-upgrade-glibc-langpack-nds
- centos-upgrade-glibc-langpack-ne
- centos-upgrade-glibc-langpack-nhn
- centos-upgrade-glibc-langpack-niu
- centos-upgrade-glibc-langpack-nl
- centos-upgrade-glibc-langpack-nn
- centos-upgrade-glibc-langpack-nr
- centos-upgrade-glibc-langpack-nso
- centos-upgrade-glibc-langpack-oc
- centos-upgrade-glibc-langpack-om
- centos-upgrade-glibc-langpack-or
- centos-upgrade-glibc-langpack-os
- centos-upgrade-glibc-langpack-pa
- centos-upgrade-glibc-langpack-pap
- centos-upgrade-glibc-langpack-pl
- centos-upgrade-glibc-langpack-ps
- centos-upgrade-glibc-langpack-pt
- centos-upgrade-glibc-langpack-quz
- centos-upgrade-glibc-langpack-raj
- centos-upgrade-glibc-langpack-ro
- centos-upgrade-glibc-langpack-ru
- centos-upgrade-glibc-langpack-rw
- centos-upgrade-glibc-langpack-sa
- centos-upgrade-glibc-langpack-sah
- centos-upgrade-glibc-langpack-sat
- centos-upgrade-glibc-langpack-sc
- centos-upgrade-glibc-langpack-sd
- centos-upgrade-glibc-langpack-se
- centos-upgrade-glibc-langpack-sgs
- centos-upgrade-glibc-langpack-shn
- centos-upgrade-glibc-langpack-shs
- centos-upgrade-glibc-langpack-si
- centos-upgrade-glibc-langpack-sid
- centos-upgrade-glibc-langpack-sk
- centos-upgrade-glibc-langpack-sl
- centos-upgrade-glibc-langpack-sm
- centos-upgrade-glibc-langpack-so
- centos-upgrade-glibc-langpack-sq
- centos-upgrade-glibc-langpack-sr
- centos-upgrade-glibc-langpack-ss
- centos-upgrade-glibc-langpack-st
- centos-upgrade-glibc-langpack-sv
- centos-upgrade-glibc-langpack-sw
- centos-upgrade-glibc-langpack-szl
- centos-upgrade-glibc-langpack-ta
- centos-upgrade-glibc-langpack-tcy
- centos-upgrade-glibc-langpack-te
- centos-upgrade-glibc-langpack-tg
- centos-upgrade-glibc-langpack-th
- centos-upgrade-glibc-langpack-the
- centos-upgrade-glibc-langpack-ti
- centos-upgrade-glibc-langpack-tig
- centos-upgrade-glibc-langpack-tk
- centos-upgrade-glibc-langpack-tl
- centos-upgrade-glibc-langpack-tn
- centos-upgrade-glibc-langpack-to
- centos-upgrade-glibc-langpack-tpi
- centos-upgrade-glibc-langpack-tr
- centos-upgrade-glibc-langpack-ts
- centos-upgrade-glibc-langpack-tt
- centos-upgrade-glibc-langpack-ug
- centos-upgrade-glibc-langpack-uk
- centos-upgrade-glibc-langpack-unm
- centos-upgrade-glibc-langpack-ur
- centos-upgrade-glibc-langpack-uz
- centos-upgrade-glibc-langpack-ve
- centos-upgrade-glibc-langpack-vi
- centos-upgrade-glibc-langpack-wa
- centos-upgrade-glibc-langpack-wae
- centos-upgrade-glibc-langpack-wal
- centos-upgrade-glibc-langpack-wo
- centos-upgrade-glibc-langpack-xh
- centos-upgrade-glibc-langpack-yi
- centos-upgrade-glibc-langpack-yo
- centos-upgrade-glibc-langpack-yue
- centos-upgrade-glibc-langpack-yuw
- centos-upgrade-glibc-langpack-zh
- centos-upgrade-glibc-langpack-zu
- centos-upgrade-glibc-locale-source
- centos-upgrade-glibc-minimal-langpack
- centos-upgrade-glibc-utils
- centos-upgrade-libnsl
- centos-upgrade-nscd
- centos-upgrade-nss_db
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center