Rapid7 Vulnerability & Exploit Database

Oracle Linux: (CVE-2021-3999) ELSA-2022-0896: glibc security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Oracle Linux: (CVE-2021-3999) ELSA-2022-0896: glibc security update

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

02/04/2022

Created

03/19/2022

Added

03/17/2022

Modified

11/23/2022

Description

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Solution(s)

oracle-linux-upgrade-compat-libpthread-nonshared
oracle-linux-upgrade-glibc
oracle-linux-upgrade-glibc-all-langpacks
oracle-linux-upgrade-glibc-benchtests
oracle-linux-upgrade-glibc-common
oracle-linux-upgrade-glibc-devel
oracle-linux-upgrade-glibc-headers
oracle-linux-upgrade-glibc-langpack-aa
oracle-linux-upgrade-glibc-langpack-af
oracle-linux-upgrade-glibc-langpack-agr
oracle-linux-upgrade-glibc-langpack-ak
oracle-linux-upgrade-glibc-langpack-am
oracle-linux-upgrade-glibc-langpack-an
oracle-linux-upgrade-glibc-langpack-anp
oracle-linux-upgrade-glibc-langpack-ar
oracle-linux-upgrade-glibc-langpack-as
oracle-linux-upgrade-glibc-langpack-ast
oracle-linux-upgrade-glibc-langpack-ayc
oracle-linux-upgrade-glibc-langpack-az
oracle-linux-upgrade-glibc-langpack-be
oracle-linux-upgrade-glibc-langpack-bem
oracle-linux-upgrade-glibc-langpack-ber
oracle-linux-upgrade-glibc-langpack-bg
oracle-linux-upgrade-glibc-langpack-bhb
oracle-linux-upgrade-glibc-langpack-bho
oracle-linux-upgrade-glibc-langpack-bi
oracle-linux-upgrade-glibc-langpack-bn
oracle-linux-upgrade-glibc-langpack-bo
oracle-linux-upgrade-glibc-langpack-br
oracle-linux-upgrade-glibc-langpack-brx
oracle-linux-upgrade-glibc-langpack-bs
oracle-linux-upgrade-glibc-langpack-byn
oracle-linux-upgrade-glibc-langpack-ca
oracle-linux-upgrade-glibc-langpack-ce
oracle-linux-upgrade-glibc-langpack-chr
oracle-linux-upgrade-glibc-langpack-cmn
oracle-linux-upgrade-glibc-langpack-crh
oracle-linux-upgrade-glibc-langpack-cs
oracle-linux-upgrade-glibc-langpack-csb
oracle-linux-upgrade-glibc-langpack-cv
oracle-linux-upgrade-glibc-langpack-cy
oracle-linux-upgrade-glibc-langpack-da
oracle-linux-upgrade-glibc-langpack-de
oracle-linux-upgrade-glibc-langpack-doi
oracle-linux-upgrade-glibc-langpack-dsb
oracle-linux-upgrade-glibc-langpack-dv
oracle-linux-upgrade-glibc-langpack-dz
oracle-linux-upgrade-glibc-langpack-el
oracle-linux-upgrade-glibc-langpack-en
oracle-linux-upgrade-glibc-langpack-eo
oracle-linux-upgrade-glibc-langpack-es
oracle-linux-upgrade-glibc-langpack-et
oracle-linux-upgrade-glibc-langpack-eu
oracle-linux-upgrade-glibc-langpack-fa
oracle-linux-upgrade-glibc-langpack-ff
oracle-linux-upgrade-glibc-langpack-fi
oracle-linux-upgrade-glibc-langpack-fil
oracle-linux-upgrade-glibc-langpack-fo
oracle-linux-upgrade-glibc-langpack-fr
oracle-linux-upgrade-glibc-langpack-fur
oracle-linux-upgrade-glibc-langpack-fy
oracle-linux-upgrade-glibc-langpack-ga
oracle-linux-upgrade-glibc-langpack-gd
oracle-linux-upgrade-glibc-langpack-gez
oracle-linux-upgrade-glibc-langpack-gl
oracle-linux-upgrade-glibc-langpack-gu
oracle-linux-upgrade-glibc-langpack-gv
oracle-linux-upgrade-glibc-langpack-ha
oracle-linux-upgrade-glibc-langpack-hak
oracle-linux-upgrade-glibc-langpack-he
oracle-linux-upgrade-glibc-langpack-hi
oracle-linux-upgrade-glibc-langpack-hif
oracle-linux-upgrade-glibc-langpack-hne
oracle-linux-upgrade-glibc-langpack-hr
oracle-linux-upgrade-glibc-langpack-hsb
oracle-linux-upgrade-glibc-langpack-ht
oracle-linux-upgrade-glibc-langpack-hu
oracle-linux-upgrade-glibc-langpack-hy
oracle-linux-upgrade-glibc-langpack-ia
oracle-linux-upgrade-glibc-langpack-id
oracle-linux-upgrade-glibc-langpack-ig
oracle-linux-upgrade-glibc-langpack-ik
oracle-linux-upgrade-glibc-langpack-is
oracle-linux-upgrade-glibc-langpack-it
oracle-linux-upgrade-glibc-langpack-iu
oracle-linux-upgrade-glibc-langpack-ja
oracle-linux-upgrade-glibc-langpack-ka
oracle-linux-upgrade-glibc-langpack-kab
oracle-linux-upgrade-glibc-langpack-kk
oracle-linux-upgrade-glibc-langpack-kl
oracle-linux-upgrade-glibc-langpack-km
oracle-linux-upgrade-glibc-langpack-kn
oracle-linux-upgrade-glibc-langpack-ko
oracle-linux-upgrade-glibc-langpack-kok
oracle-linux-upgrade-glibc-langpack-ks
oracle-linux-upgrade-glibc-langpack-ku
oracle-linux-upgrade-glibc-langpack-kw
oracle-linux-upgrade-glibc-langpack-ky
oracle-linux-upgrade-glibc-langpack-lb
oracle-linux-upgrade-glibc-langpack-lg
oracle-linux-upgrade-glibc-langpack-li
oracle-linux-upgrade-glibc-langpack-lij
oracle-linux-upgrade-glibc-langpack-ln
oracle-linux-upgrade-glibc-langpack-lo
oracle-linux-upgrade-glibc-langpack-lt
oracle-linux-upgrade-glibc-langpack-lv
oracle-linux-upgrade-glibc-langpack-lzh
oracle-linux-upgrade-glibc-langpack-mag
oracle-linux-upgrade-glibc-langpack-mai
oracle-linux-upgrade-glibc-langpack-mfe
oracle-linux-upgrade-glibc-langpack-mg
oracle-linux-upgrade-glibc-langpack-mhr
oracle-linux-upgrade-glibc-langpack-mi
oracle-linux-upgrade-glibc-langpack-miq
oracle-linux-upgrade-glibc-langpack-mjw
oracle-linux-upgrade-glibc-langpack-mk
oracle-linux-upgrade-glibc-langpack-ml
oracle-linux-upgrade-glibc-langpack-mn
oracle-linux-upgrade-glibc-langpack-mni
oracle-linux-upgrade-glibc-langpack-mr
oracle-linux-upgrade-glibc-langpack-ms
oracle-linux-upgrade-glibc-langpack-mt
oracle-linux-upgrade-glibc-langpack-my
oracle-linux-upgrade-glibc-langpack-nan
oracle-linux-upgrade-glibc-langpack-nb
oracle-linux-upgrade-glibc-langpack-nds
oracle-linux-upgrade-glibc-langpack-ne
oracle-linux-upgrade-glibc-langpack-nhn
oracle-linux-upgrade-glibc-langpack-niu
oracle-linux-upgrade-glibc-langpack-nl
oracle-linux-upgrade-glibc-langpack-nn
oracle-linux-upgrade-glibc-langpack-nr
oracle-linux-upgrade-glibc-langpack-nso
oracle-linux-upgrade-glibc-langpack-oc
oracle-linux-upgrade-glibc-langpack-om
oracle-linux-upgrade-glibc-langpack-or
oracle-linux-upgrade-glibc-langpack-os
oracle-linux-upgrade-glibc-langpack-pa
oracle-linux-upgrade-glibc-langpack-pap
oracle-linux-upgrade-glibc-langpack-pl
oracle-linux-upgrade-glibc-langpack-ps
oracle-linux-upgrade-glibc-langpack-pt
oracle-linux-upgrade-glibc-langpack-quz
oracle-linux-upgrade-glibc-langpack-raj
oracle-linux-upgrade-glibc-langpack-ro
oracle-linux-upgrade-glibc-langpack-ru
oracle-linux-upgrade-glibc-langpack-rw
oracle-linux-upgrade-glibc-langpack-sa
oracle-linux-upgrade-glibc-langpack-sah
oracle-linux-upgrade-glibc-langpack-sat
oracle-linux-upgrade-glibc-langpack-sc
oracle-linux-upgrade-glibc-langpack-sd
oracle-linux-upgrade-glibc-langpack-se
oracle-linux-upgrade-glibc-langpack-sgs
oracle-linux-upgrade-glibc-langpack-shn
oracle-linux-upgrade-glibc-langpack-shs
oracle-linux-upgrade-glibc-langpack-si
oracle-linux-upgrade-glibc-langpack-sid
oracle-linux-upgrade-glibc-langpack-sk
oracle-linux-upgrade-glibc-langpack-sl
oracle-linux-upgrade-glibc-langpack-sm
oracle-linux-upgrade-glibc-langpack-so
oracle-linux-upgrade-glibc-langpack-sq
oracle-linux-upgrade-glibc-langpack-sr
oracle-linux-upgrade-glibc-langpack-ss
oracle-linux-upgrade-glibc-langpack-st
oracle-linux-upgrade-glibc-langpack-sv
oracle-linux-upgrade-glibc-langpack-sw
oracle-linux-upgrade-glibc-langpack-szl
oracle-linux-upgrade-glibc-langpack-ta
oracle-linux-upgrade-glibc-langpack-tcy
oracle-linux-upgrade-glibc-langpack-te
oracle-linux-upgrade-glibc-langpack-tg
oracle-linux-upgrade-glibc-langpack-th
oracle-linux-upgrade-glibc-langpack-the
oracle-linux-upgrade-glibc-langpack-ti
oracle-linux-upgrade-glibc-langpack-tig
oracle-linux-upgrade-glibc-langpack-tk
oracle-linux-upgrade-glibc-langpack-tl
oracle-linux-upgrade-glibc-langpack-tn
oracle-linux-upgrade-glibc-langpack-to
oracle-linux-upgrade-glibc-langpack-tpi
oracle-linux-upgrade-glibc-langpack-tr
oracle-linux-upgrade-glibc-langpack-ts
oracle-linux-upgrade-glibc-langpack-tt
oracle-linux-upgrade-glibc-langpack-ug
oracle-linux-upgrade-glibc-langpack-uk
oracle-linux-upgrade-glibc-langpack-unm
oracle-linux-upgrade-glibc-langpack-ur
oracle-linux-upgrade-glibc-langpack-uz
oracle-linux-upgrade-glibc-langpack-ve
oracle-linux-upgrade-glibc-langpack-vi
oracle-linux-upgrade-glibc-langpack-wa
oracle-linux-upgrade-glibc-langpack-wae
oracle-linux-upgrade-glibc-langpack-wal
oracle-linux-upgrade-glibc-langpack-wo
oracle-linux-upgrade-glibc-langpack-xh
oracle-linux-upgrade-glibc-langpack-yi
oracle-linux-upgrade-glibc-langpack-yo
oracle-linux-upgrade-glibc-langpack-yue
oracle-linux-upgrade-glibc-langpack-yuw
oracle-linux-upgrade-glibc-langpack-zh
oracle-linux-upgrade-glibc-langpack-zu
oracle-linux-upgrade-glibc-locale-source
oracle-linux-upgrade-glibc-minimal-langpack
oracle-linux-upgrade-glibc-nss-devel
oracle-linux-upgrade-glibc-static
oracle-linux-upgrade-glibc-utils
oracle-linux-upgrade-libnsl
oracle-linux-upgrade-nscd
oracle-linux-upgrade-nss_db
oracle-linux-upgrade-nss_hesiod

References

ELSA-2022-0896
CVE-2021-3999
USN-5310-1
USN-5310-2

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;