[El-errata] New glibc updates available via Ksplice (ELSA-2015-2199)

[Errata Announcements for Oracle Linux]

Synopsis: ELSA-2015-2199 can now be patched using Ksplice
CVEs: CVE-2013-7423 CVE-2015-1472 CVE-2015-1473 CVE-2015-1781

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Security Advisory, ELSA-2015-2199.

INSTALLING THE UPDATES

We recommend that all users of Ksplice on OL 7 install these updates.

You can install these updates by running:

# ksplice -y user upgrade


DESCRIPTION

* CVE-2015-1472, CVE-2015-1473: Denial-of-service in wscanf().

Both heap and stack based overflows in swscanf() could allow an attacker
with the ability to make a swscanf() call to crash the application, or
potentially execute arbitrary code.


* CVE-2015-1781: Remote code execution in gethostbyname_r().

A buffer overflow in the gethostbyname_r() implementation and other
related functions could allow an attacker that could trigger execution
of these functions with a misaligned buffer to crash the application, or
potentially execute arbitrary code.


* CVE-2013-7423: information leak in DNS queries under load.

Under specific conditions the DNS resolver could send requests to
incorrect file descriptors resulting in an information leak to
unintended recipients or causing application errors due to failed
lookups.


* Denial-of-service in _IO_wstr_overflow().

An integer overflow in _IO_wstr_overflow() that could lead to a later
buffer overflow could allow an attacker with the ability to call this
function to crash the application or potentially execute arbitrary code.


* Denial-of-service of in fnmatch() pattern matching.

A number of out-of-bounds memory accesses in the fnmatch()
implementation could allow an attacker with the ability to call
fnmatch() with attacker supplied input to crash the application.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.