Privilege escalation in GNU Glibc
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-11236 CVE-2018-11237 |
| CWE-ID | CWE-119 CWE-120 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Glibc Universal components / Libraries / Libraries used by multiple products |
| Vendor | GNU |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Memory corruption
EUVDB-ID: #VU13011
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11236
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists in the stdlib/canonicalize.c source code in the GNU glibc library due to improper processing of long pathname arguments to the realpath function. A local unauthenticated attacker can send long pathname arguments to a targeted system that is using 32-bit architecture, trigger an integer overflow condition that can lead to stack-based buffer overflow condition and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Glibc: 2.20 - 2.27
External linkshttp://sourceware.org/bugzilla/show_bug.cgi?id=22786
http://sourceware.org/git/gitweb.cgi?p=glibc.git&h=5460617d1567657621107d895ee2dd83bc1f88f2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU13200
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11237
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to an AVX-512-optimized implementation of the mempcpy function may write data beyond the target buffer. A local attacker can trigger buffer overflow in __mempcpy_avx512_no_vzeroupper and execute arbitrary code with elevated privileges.
Install update from vendor's website.
Vulnerable software versionsGlibc: 2.27
External linkshttp://sourceware.org/ml/libc-alpha/2018-05/msg00713.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
