Oracle Linux: CVE-2019-19126: ELSA-2020-3861: glibc security, bug fix, and enhancement update (LOW) (Multiple Advisories)
1
(AV:L/AC:H/Au:N/C:P/I:N/A:N)
11/19/2019
10/09/2020
10/16/2024
10/17/2024
Description
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures. This allows an attacker to force system to utilize only half of the memory (making the system think the software is 32-bit only), thus lowering the amount of memory being used with address space layout randomization (ASLR). The highest threat is confidentiality although the complexity of attack is high. The affected application must already have other vulnerabilities for this flaw to be usable.
Solution(s)
- oracle-linux-upgrade-compat-libpthread-nonshared
- oracle-linux-upgrade-glibc
- oracle-linux-upgrade-glibc-all-langpacks
- oracle-linux-upgrade-glibc-benchtests
- oracle-linux-upgrade-glibc-common
- oracle-linux-upgrade-glibc-devel
- oracle-linux-upgrade-glibc-headers
- oracle-linux-upgrade-glibc-langpack-aa
- oracle-linux-upgrade-glibc-langpack-af
- oracle-linux-upgrade-glibc-langpack-agr
- oracle-linux-upgrade-glibc-langpack-ak
- oracle-linux-upgrade-glibc-langpack-am
- oracle-linux-upgrade-glibc-langpack-an
- oracle-linux-upgrade-glibc-langpack-anp
- oracle-linux-upgrade-glibc-langpack-ar
- oracle-linux-upgrade-glibc-langpack-as
- oracle-linux-upgrade-glibc-langpack-ast
- oracle-linux-upgrade-glibc-langpack-ayc
- oracle-linux-upgrade-glibc-langpack-az
- oracle-linux-upgrade-glibc-langpack-be
- oracle-linux-upgrade-glibc-langpack-bem
- oracle-linux-upgrade-glibc-langpack-ber
- oracle-linux-upgrade-glibc-langpack-bg
- oracle-linux-upgrade-glibc-langpack-bhb
- oracle-linux-upgrade-glibc-langpack-bho
- oracle-linux-upgrade-glibc-langpack-bi
- oracle-linux-upgrade-glibc-langpack-bn
- oracle-linux-upgrade-glibc-langpack-bo
- oracle-linux-upgrade-glibc-langpack-br
- oracle-linux-upgrade-glibc-langpack-brx
- oracle-linux-upgrade-glibc-langpack-bs
- oracle-linux-upgrade-glibc-langpack-byn
- oracle-linux-upgrade-glibc-langpack-ca
- oracle-linux-upgrade-glibc-langpack-ce
- oracle-linux-upgrade-glibc-langpack-chr
- oracle-linux-upgrade-glibc-langpack-cmn
- oracle-linux-upgrade-glibc-langpack-crh
- oracle-linux-upgrade-glibc-langpack-cs
- oracle-linux-upgrade-glibc-langpack-csb
- oracle-linux-upgrade-glibc-langpack-cv
- oracle-linux-upgrade-glibc-langpack-cy
- oracle-linux-upgrade-glibc-langpack-da
- oracle-linux-upgrade-glibc-langpack-de
- oracle-linux-upgrade-glibc-langpack-doi
- oracle-linux-upgrade-glibc-langpack-dsb
- oracle-linux-upgrade-glibc-langpack-dv
- oracle-linux-upgrade-glibc-langpack-dz
- oracle-linux-upgrade-glibc-langpack-el
- oracle-linux-upgrade-glibc-langpack-en
- oracle-linux-upgrade-glibc-langpack-eo
- oracle-linux-upgrade-glibc-langpack-es
- oracle-linux-upgrade-glibc-langpack-et
- oracle-linux-upgrade-glibc-langpack-eu
- oracle-linux-upgrade-glibc-langpack-fa
- oracle-linux-upgrade-glibc-langpack-ff
- oracle-linux-upgrade-glibc-langpack-fi
- oracle-linux-upgrade-glibc-langpack-fil
- oracle-linux-upgrade-glibc-langpack-fo
- oracle-linux-upgrade-glibc-langpack-fr
- oracle-linux-upgrade-glibc-langpack-fur
- oracle-linux-upgrade-glibc-langpack-fy
- oracle-linux-upgrade-glibc-langpack-ga
- oracle-linux-upgrade-glibc-langpack-gd
- oracle-linux-upgrade-glibc-langpack-gez
- oracle-linux-upgrade-glibc-langpack-gl
- oracle-linux-upgrade-glibc-langpack-gu
- oracle-linux-upgrade-glibc-langpack-gv
- oracle-linux-upgrade-glibc-langpack-ha
- oracle-linux-upgrade-glibc-langpack-hak
- oracle-linux-upgrade-glibc-langpack-he
- oracle-linux-upgrade-glibc-langpack-hi
- oracle-linux-upgrade-glibc-langpack-hif
- oracle-linux-upgrade-glibc-langpack-hne
- oracle-linux-upgrade-glibc-langpack-hr
- oracle-linux-upgrade-glibc-langpack-hsb
- oracle-linux-upgrade-glibc-langpack-ht
- oracle-linux-upgrade-glibc-langpack-hu
- oracle-linux-upgrade-glibc-langpack-hy
- oracle-linux-upgrade-glibc-langpack-ia
- oracle-linux-upgrade-glibc-langpack-id
- oracle-linux-upgrade-glibc-langpack-ig
- oracle-linux-upgrade-glibc-langpack-ik
- oracle-linux-upgrade-glibc-langpack-is
- oracle-linux-upgrade-glibc-langpack-it
- oracle-linux-upgrade-glibc-langpack-iu
- oracle-linux-upgrade-glibc-langpack-ja
- oracle-linux-upgrade-glibc-langpack-ka
- oracle-linux-upgrade-glibc-langpack-kab
- oracle-linux-upgrade-glibc-langpack-kk
- oracle-linux-upgrade-glibc-langpack-kl
- oracle-linux-upgrade-glibc-langpack-km
- oracle-linux-upgrade-glibc-langpack-kn
- oracle-linux-upgrade-glibc-langpack-ko
- oracle-linux-upgrade-glibc-langpack-kok
- oracle-linux-upgrade-glibc-langpack-ks
- oracle-linux-upgrade-glibc-langpack-ku
- oracle-linux-upgrade-glibc-langpack-kw
- oracle-linux-upgrade-glibc-langpack-ky
- oracle-linux-upgrade-glibc-langpack-lb
- oracle-linux-upgrade-glibc-langpack-lg
- oracle-linux-upgrade-glibc-langpack-li
- oracle-linux-upgrade-glibc-langpack-lij
- oracle-linux-upgrade-glibc-langpack-ln
- oracle-linux-upgrade-glibc-langpack-lo
- oracle-linux-upgrade-glibc-langpack-lt
- oracle-linux-upgrade-glibc-langpack-lv
- oracle-linux-upgrade-glibc-langpack-lzh
- oracle-linux-upgrade-glibc-langpack-mag
- oracle-linux-upgrade-glibc-langpack-mai
- oracle-linux-upgrade-glibc-langpack-mfe
- oracle-linux-upgrade-glibc-langpack-mg
- oracle-linux-upgrade-glibc-langpack-mhr
- oracle-linux-upgrade-glibc-langpack-mi
- oracle-linux-upgrade-glibc-langpack-miq
- oracle-linux-upgrade-glibc-langpack-mjw
- oracle-linux-upgrade-glibc-langpack-mk
- oracle-linux-upgrade-glibc-langpack-ml
- oracle-linux-upgrade-glibc-langpack-mn
- oracle-linux-upgrade-glibc-langpack-mni
- oracle-linux-upgrade-glibc-langpack-mr
- oracle-linux-upgrade-glibc-langpack-ms
- oracle-linux-upgrade-glibc-langpack-mt
- oracle-linux-upgrade-glibc-langpack-my
- oracle-linux-upgrade-glibc-langpack-nan
- oracle-linux-upgrade-glibc-langpack-nb
- oracle-linux-upgrade-glibc-langpack-nds
- oracle-linux-upgrade-glibc-langpack-ne
- oracle-linux-upgrade-glibc-langpack-nhn
- oracle-linux-upgrade-glibc-langpack-niu
- oracle-linux-upgrade-glibc-langpack-nl
- oracle-linux-upgrade-glibc-langpack-nn
- oracle-linux-upgrade-glibc-langpack-nr
- oracle-linux-upgrade-glibc-langpack-nso
- oracle-linux-upgrade-glibc-langpack-oc
- oracle-linux-upgrade-glibc-langpack-om
- oracle-linux-upgrade-glibc-langpack-or
- oracle-linux-upgrade-glibc-langpack-os
- oracle-linux-upgrade-glibc-langpack-pa
- oracle-linux-upgrade-glibc-langpack-pap
- oracle-linux-upgrade-glibc-langpack-pl
- oracle-linux-upgrade-glibc-langpack-ps
- oracle-linux-upgrade-glibc-langpack-pt
- oracle-linux-upgrade-glibc-langpack-quz
- oracle-linux-upgrade-glibc-langpack-raj
- oracle-linux-upgrade-glibc-langpack-ro
- oracle-linux-upgrade-glibc-langpack-ru
- oracle-linux-upgrade-glibc-langpack-rw
- oracle-linux-upgrade-glibc-langpack-sa
- oracle-linux-upgrade-glibc-langpack-sah
- oracle-linux-upgrade-glibc-langpack-sat
- oracle-linux-upgrade-glibc-langpack-sc
- oracle-linux-upgrade-glibc-langpack-sd
- oracle-linux-upgrade-glibc-langpack-se
- oracle-linux-upgrade-glibc-langpack-sgs
- oracle-linux-upgrade-glibc-langpack-shn
- oracle-linux-upgrade-glibc-langpack-shs
- oracle-linux-upgrade-glibc-langpack-si
- oracle-linux-upgrade-glibc-langpack-sid
- oracle-linux-upgrade-glibc-langpack-sk
- oracle-linux-upgrade-glibc-langpack-sl
- oracle-linux-upgrade-glibc-langpack-sm
- oracle-linux-upgrade-glibc-langpack-so
- oracle-linux-upgrade-glibc-langpack-sq
- oracle-linux-upgrade-glibc-langpack-sr
- oracle-linux-upgrade-glibc-langpack-ss
- oracle-linux-upgrade-glibc-langpack-st
- oracle-linux-upgrade-glibc-langpack-sv
- oracle-linux-upgrade-glibc-langpack-sw
- oracle-linux-upgrade-glibc-langpack-szl
- oracle-linux-upgrade-glibc-langpack-ta
- oracle-linux-upgrade-glibc-langpack-tcy
- oracle-linux-upgrade-glibc-langpack-te
- oracle-linux-upgrade-glibc-langpack-tg
- oracle-linux-upgrade-glibc-langpack-th
- oracle-linux-upgrade-glibc-langpack-the
- oracle-linux-upgrade-glibc-langpack-ti
- oracle-linux-upgrade-glibc-langpack-tig
- oracle-linux-upgrade-glibc-langpack-tk
- oracle-linux-upgrade-glibc-langpack-tl
- oracle-linux-upgrade-glibc-langpack-tn
- oracle-linux-upgrade-glibc-langpack-to
- oracle-linux-upgrade-glibc-langpack-tpi
- oracle-linux-upgrade-glibc-langpack-tr
- oracle-linux-upgrade-glibc-langpack-ts
- oracle-linux-upgrade-glibc-langpack-tt
- oracle-linux-upgrade-glibc-langpack-ug
- oracle-linux-upgrade-glibc-langpack-uk
- oracle-linux-upgrade-glibc-langpack-unm
- oracle-linux-upgrade-glibc-langpack-ur
- oracle-linux-upgrade-glibc-langpack-uz
- oracle-linux-upgrade-glibc-langpack-ve
- oracle-linux-upgrade-glibc-langpack-vi
- oracle-linux-upgrade-glibc-langpack-wa
- oracle-linux-upgrade-glibc-langpack-wae
- oracle-linux-upgrade-glibc-langpack-wal
- oracle-linux-upgrade-glibc-langpack-wo
- oracle-linux-upgrade-glibc-langpack-xh
- oracle-linux-upgrade-glibc-langpack-yi
- oracle-linux-upgrade-glibc-langpack-yo
- oracle-linux-upgrade-glibc-langpack-yue
- oracle-linux-upgrade-glibc-langpack-yuw
- oracle-linux-upgrade-glibc-langpack-zh
- oracle-linux-upgrade-glibc-langpack-zu
- oracle-linux-upgrade-glibc-locale-source
- oracle-linux-upgrade-glibc-minimal-langpack
- oracle-linux-upgrade-glibc-nss-devel
- oracle-linux-upgrade-glibc-static
- oracle-linux-upgrade-glibc-utils
- oracle-linux-upgrade-libnsl
- oracle-linux-upgrade-nscd
- oracle-linux-upgrade-nss-db
- oracle-linux-upgrade-nss-hesiod
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center