Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2022-23219: ELSA-2022-0896: glibc security update (MODERATE) (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Linux: CVE-2022-23219: ELSA-2022-0896: glibc security update (MODERATE) (Multiple Advisories)

Severity
7
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:C)
Published
12/03/2017
Created
03/19/2022
Added
03/17/2022
Modified
11/30/2024

Description

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clnt_create() in the sunrpc's clnt_gen.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its hostname argument onto the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) lead to arbitrary code execution.

Solution(s)

  • oracle-linux-upgrade-compat-libpthread-nonshared
  • oracle-linux-upgrade-glibc
  • oracle-linux-upgrade-glibc-all-langpacks
  • oracle-linux-upgrade-glibc-benchtests
  • oracle-linux-upgrade-glibc-common
  • oracle-linux-upgrade-glibc-devel
  • oracle-linux-upgrade-glibc-headers
  • oracle-linux-upgrade-glibc-langpack-aa
  • oracle-linux-upgrade-glibc-langpack-af
  • oracle-linux-upgrade-glibc-langpack-agr
  • oracle-linux-upgrade-glibc-langpack-ak
  • oracle-linux-upgrade-glibc-langpack-am
  • oracle-linux-upgrade-glibc-langpack-an
  • oracle-linux-upgrade-glibc-langpack-anp
  • oracle-linux-upgrade-glibc-langpack-ar
  • oracle-linux-upgrade-glibc-langpack-as
  • oracle-linux-upgrade-glibc-langpack-ast
  • oracle-linux-upgrade-glibc-langpack-ayc
  • oracle-linux-upgrade-glibc-langpack-az
  • oracle-linux-upgrade-glibc-langpack-be
  • oracle-linux-upgrade-glibc-langpack-bem
  • oracle-linux-upgrade-glibc-langpack-ber
  • oracle-linux-upgrade-glibc-langpack-bg
  • oracle-linux-upgrade-glibc-langpack-bhb
  • oracle-linux-upgrade-glibc-langpack-bho
  • oracle-linux-upgrade-glibc-langpack-bi
  • oracle-linux-upgrade-glibc-langpack-bn
  • oracle-linux-upgrade-glibc-langpack-bo
  • oracle-linux-upgrade-glibc-langpack-br
  • oracle-linux-upgrade-glibc-langpack-brx
  • oracle-linux-upgrade-glibc-langpack-bs
  • oracle-linux-upgrade-glibc-langpack-byn
  • oracle-linux-upgrade-glibc-langpack-ca
  • oracle-linux-upgrade-glibc-langpack-ce
  • oracle-linux-upgrade-glibc-langpack-chr
  • oracle-linux-upgrade-glibc-langpack-cmn
  • oracle-linux-upgrade-glibc-langpack-crh
  • oracle-linux-upgrade-glibc-langpack-cs
  • oracle-linux-upgrade-glibc-langpack-csb
  • oracle-linux-upgrade-glibc-langpack-cv
  • oracle-linux-upgrade-glibc-langpack-cy
  • oracle-linux-upgrade-glibc-langpack-da
  • oracle-linux-upgrade-glibc-langpack-de
  • oracle-linux-upgrade-glibc-langpack-doi
  • oracle-linux-upgrade-glibc-langpack-dsb
  • oracle-linux-upgrade-glibc-langpack-dv
  • oracle-linux-upgrade-glibc-langpack-dz
  • oracle-linux-upgrade-glibc-langpack-el
  • oracle-linux-upgrade-glibc-langpack-en
  • oracle-linux-upgrade-glibc-langpack-eo
  • oracle-linux-upgrade-glibc-langpack-es
  • oracle-linux-upgrade-glibc-langpack-et
  • oracle-linux-upgrade-glibc-langpack-eu
  • oracle-linux-upgrade-glibc-langpack-fa
  • oracle-linux-upgrade-glibc-langpack-ff
  • oracle-linux-upgrade-glibc-langpack-fi
  • oracle-linux-upgrade-glibc-langpack-fil
  • oracle-linux-upgrade-glibc-langpack-fo
  • oracle-linux-upgrade-glibc-langpack-fr
  • oracle-linux-upgrade-glibc-langpack-fur
  • oracle-linux-upgrade-glibc-langpack-fy
  • oracle-linux-upgrade-glibc-langpack-ga
  • oracle-linux-upgrade-glibc-langpack-gd
  • oracle-linux-upgrade-glibc-langpack-gez
  • oracle-linux-upgrade-glibc-langpack-gl
  • oracle-linux-upgrade-glibc-langpack-gu
  • oracle-linux-upgrade-glibc-langpack-gv
  • oracle-linux-upgrade-glibc-langpack-ha
  • oracle-linux-upgrade-glibc-langpack-hak
  • oracle-linux-upgrade-glibc-langpack-he
  • oracle-linux-upgrade-glibc-langpack-hi
  • oracle-linux-upgrade-glibc-langpack-hif
  • oracle-linux-upgrade-glibc-langpack-hne
  • oracle-linux-upgrade-glibc-langpack-hr
  • oracle-linux-upgrade-glibc-langpack-hsb
  • oracle-linux-upgrade-glibc-langpack-ht
  • oracle-linux-upgrade-glibc-langpack-hu
  • oracle-linux-upgrade-glibc-langpack-hy
  • oracle-linux-upgrade-glibc-langpack-ia
  • oracle-linux-upgrade-glibc-langpack-id
  • oracle-linux-upgrade-glibc-langpack-ig
  • oracle-linux-upgrade-glibc-langpack-ik
  • oracle-linux-upgrade-glibc-langpack-is
  • oracle-linux-upgrade-glibc-langpack-it
  • oracle-linux-upgrade-glibc-langpack-iu
  • oracle-linux-upgrade-glibc-langpack-ja
  • oracle-linux-upgrade-glibc-langpack-ka
  • oracle-linux-upgrade-glibc-langpack-kab
  • oracle-linux-upgrade-glibc-langpack-kk
  • oracle-linux-upgrade-glibc-langpack-kl
  • oracle-linux-upgrade-glibc-langpack-km
  • oracle-linux-upgrade-glibc-langpack-kn
  • oracle-linux-upgrade-glibc-langpack-ko
  • oracle-linux-upgrade-glibc-langpack-kok
  • oracle-linux-upgrade-glibc-langpack-ks
  • oracle-linux-upgrade-glibc-langpack-ku
  • oracle-linux-upgrade-glibc-langpack-kw
  • oracle-linux-upgrade-glibc-langpack-ky
  • oracle-linux-upgrade-glibc-langpack-lb
  • oracle-linux-upgrade-glibc-langpack-lg
  • oracle-linux-upgrade-glibc-langpack-li
  • oracle-linux-upgrade-glibc-langpack-lij
  • oracle-linux-upgrade-glibc-langpack-ln
  • oracle-linux-upgrade-glibc-langpack-lo
  • oracle-linux-upgrade-glibc-langpack-lt
  • oracle-linux-upgrade-glibc-langpack-lv
  • oracle-linux-upgrade-glibc-langpack-lzh
  • oracle-linux-upgrade-glibc-langpack-mag
  • oracle-linux-upgrade-glibc-langpack-mai
  • oracle-linux-upgrade-glibc-langpack-mfe
  • oracle-linux-upgrade-glibc-langpack-mg
  • oracle-linux-upgrade-glibc-langpack-mhr
  • oracle-linux-upgrade-glibc-langpack-mi
  • oracle-linux-upgrade-glibc-langpack-miq
  • oracle-linux-upgrade-glibc-langpack-mjw
  • oracle-linux-upgrade-glibc-langpack-mk
  • oracle-linux-upgrade-glibc-langpack-ml
  • oracle-linux-upgrade-glibc-langpack-mn
  • oracle-linux-upgrade-glibc-langpack-mni
  • oracle-linux-upgrade-glibc-langpack-mr
  • oracle-linux-upgrade-glibc-langpack-ms
  • oracle-linux-upgrade-glibc-langpack-mt
  • oracle-linux-upgrade-glibc-langpack-my
  • oracle-linux-upgrade-glibc-langpack-nan
  • oracle-linux-upgrade-glibc-langpack-nb
  • oracle-linux-upgrade-glibc-langpack-nds
  • oracle-linux-upgrade-glibc-langpack-ne
  • oracle-linux-upgrade-glibc-langpack-nhn
  • oracle-linux-upgrade-glibc-langpack-niu
  • oracle-linux-upgrade-glibc-langpack-nl
  • oracle-linux-upgrade-glibc-langpack-nn
  • oracle-linux-upgrade-glibc-langpack-nr
  • oracle-linux-upgrade-glibc-langpack-nso
  • oracle-linux-upgrade-glibc-langpack-oc
  • oracle-linux-upgrade-glibc-langpack-om
  • oracle-linux-upgrade-glibc-langpack-or
  • oracle-linux-upgrade-glibc-langpack-os
  • oracle-linux-upgrade-glibc-langpack-pa
  • oracle-linux-upgrade-glibc-langpack-pap
  • oracle-linux-upgrade-glibc-langpack-pl
  • oracle-linux-upgrade-glibc-langpack-ps
  • oracle-linux-upgrade-glibc-langpack-pt
  • oracle-linux-upgrade-glibc-langpack-quz
  • oracle-linux-upgrade-glibc-langpack-raj
  • oracle-linux-upgrade-glibc-langpack-ro
  • oracle-linux-upgrade-glibc-langpack-ru
  • oracle-linux-upgrade-glibc-langpack-rw
  • oracle-linux-upgrade-glibc-langpack-sa
  • oracle-linux-upgrade-glibc-langpack-sah
  • oracle-linux-upgrade-glibc-langpack-sat
  • oracle-linux-upgrade-glibc-langpack-sc
  • oracle-linux-upgrade-glibc-langpack-sd
  • oracle-linux-upgrade-glibc-langpack-se
  • oracle-linux-upgrade-glibc-langpack-sgs
  • oracle-linux-upgrade-glibc-langpack-shn
  • oracle-linux-upgrade-glibc-langpack-shs
  • oracle-linux-upgrade-glibc-langpack-si
  • oracle-linux-upgrade-glibc-langpack-sid
  • oracle-linux-upgrade-glibc-langpack-sk
  • oracle-linux-upgrade-glibc-langpack-sl
  • oracle-linux-upgrade-glibc-langpack-sm
  • oracle-linux-upgrade-glibc-langpack-so
  • oracle-linux-upgrade-glibc-langpack-sq
  • oracle-linux-upgrade-glibc-langpack-sr
  • oracle-linux-upgrade-glibc-langpack-ss
  • oracle-linux-upgrade-glibc-langpack-st
  • oracle-linux-upgrade-glibc-langpack-sv
  • oracle-linux-upgrade-glibc-langpack-sw
  • oracle-linux-upgrade-glibc-langpack-szl
  • oracle-linux-upgrade-glibc-langpack-ta
  • oracle-linux-upgrade-glibc-langpack-tcy
  • oracle-linux-upgrade-glibc-langpack-te
  • oracle-linux-upgrade-glibc-langpack-tg
  • oracle-linux-upgrade-glibc-langpack-th
  • oracle-linux-upgrade-glibc-langpack-the
  • oracle-linux-upgrade-glibc-langpack-ti
  • oracle-linux-upgrade-glibc-langpack-tig
  • oracle-linux-upgrade-glibc-langpack-tk
  • oracle-linux-upgrade-glibc-langpack-tl
  • oracle-linux-upgrade-glibc-langpack-tn
  • oracle-linux-upgrade-glibc-langpack-to
  • oracle-linux-upgrade-glibc-langpack-tpi
  • oracle-linux-upgrade-glibc-langpack-tr
  • oracle-linux-upgrade-glibc-langpack-ts
  • oracle-linux-upgrade-glibc-langpack-tt
  • oracle-linux-upgrade-glibc-langpack-ug
  • oracle-linux-upgrade-glibc-langpack-uk
  • oracle-linux-upgrade-glibc-langpack-unm
  • oracle-linux-upgrade-glibc-langpack-ur
  • oracle-linux-upgrade-glibc-langpack-uz
  • oracle-linux-upgrade-glibc-langpack-ve
  • oracle-linux-upgrade-glibc-langpack-vi
  • oracle-linux-upgrade-glibc-langpack-wa
  • oracle-linux-upgrade-glibc-langpack-wae
  • oracle-linux-upgrade-glibc-langpack-wal
  • oracle-linux-upgrade-glibc-langpack-wo
  • oracle-linux-upgrade-glibc-langpack-xh
  • oracle-linux-upgrade-glibc-langpack-yi
  • oracle-linux-upgrade-glibc-langpack-yo
  • oracle-linux-upgrade-glibc-langpack-yue
  • oracle-linux-upgrade-glibc-langpack-yuw
  • oracle-linux-upgrade-glibc-langpack-zh
  • oracle-linux-upgrade-glibc-langpack-zu
  • oracle-linux-upgrade-glibc-locale-source
  • oracle-linux-upgrade-glibc-minimal-langpack
  • oracle-linux-upgrade-glibc-nss-devel
  • oracle-linux-upgrade-glibc-static
  • oracle-linux-upgrade-glibc-utils
  • oracle-linux-upgrade-libnsl
  • oracle-linux-upgrade-nscd
  • oracle-linux-upgrade-nss-db
  • oracle-linux-upgrade-nss-hesiod

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;