Rapid7 Vulnerability & Exploit Database

RHSA-2003:212: Updated glibc packages fix vulnerabilities

Back to Search

RHSA-2003:212: Updated glibc packages fix vulnerabilities



Updated glibc packages that fix a number of vulnerabilites are now available.

The glibc package contains standard libraries that are used by multiple programs. An integer overflow is present in the xdrmem_getbytes() function of glibc 2.3.1 and earlier. Depending upon the application, this vulnerability could cause buffer overflows and may be exploitable, leading to arbitrary code execution. Red Hat would like to thank eEye Digital Security for alerting us to this issue. An error in the calculation of memory needed for unpacking arrays in the XDR decoder in glibc 2.2.5 and earlier can result in a heap buffer overflow. Depending upon the application, this vulnerability may be exploitable and lead to arbitrary code execution. A read buffer overflow vulnerability exists in the glibc resolver code in versions of glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets larger than 1024 bytes and can cause applications to crash. A buffer overflow vulnerability has been found in the way the glibc resolver handles the resolution of network names and addresses via DNS (as per Internet RFC 1011). Version 2.2.5 of glibc and earlier versions are affected. A system would be vulnerable to this issue if the "networks" database in /etc/nsswitch.conf includes the "dns" entry. By default, Red Hat Linux ships with "networks" set to "files" and is therefore not vulnerable to this issue. (CAN-2002-0684) All users should upgrade to these errata packages, which contain patches to the glibc libraries and are therefore not vulnerable to these issues. NOTE: Once the glibc upgrade has been completed, you must either reboot the system or restart all programs on the system (for example, by using telinit 1 and then switching back to the original runlevel). Rebooting the system or restarting the system programs is necessary to avoid vulnerable glibc copies in memory. In addition, one cannot mix old NSS modules or libresolv with upgraded NSS modules or libresolve in one running application. Note also that, if sshd is running so that the other services can be restarted remotely or for a remote reboot during an unattended glibc upgrade, glibc will also restart sshd.


  • redhat-upgrade-glibc
  • redhat-upgrade-glibc-common
  • redhat-upgrade-glibc-devel
  • redhat-upgrade-glibc-profile
  • redhat-upgrade-nscd

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center