Oracle Linux: CVE-2022-23219: ELSA-2022-0896: glibc security update (MODERATE) (Multiple Advisories)
7
(AV:N/AC:H/Au:N/C:P/I:P/A:C)
12/03/2017
03/19/2022
10/16/2024
10/17/2024
Description
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. A stack based buffer-overflow vulnerability was found in the deprecated compatibility function clnt_create() in the sunrpc's clnt_gen.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its hostname argument onto the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) lead to arbitrary code execution.
Solution(s)
- oracle-linux-upgrade-compat-libpthread-nonshared
- oracle-linux-upgrade-glibc
- oracle-linux-upgrade-glibc-all-langpacks
- oracle-linux-upgrade-glibc-benchtests
- oracle-linux-upgrade-glibc-common
- oracle-linux-upgrade-glibc-devel
- oracle-linux-upgrade-glibc-headers
- oracle-linux-upgrade-glibc-langpack-aa
- oracle-linux-upgrade-glibc-langpack-af
- oracle-linux-upgrade-glibc-langpack-agr
- oracle-linux-upgrade-glibc-langpack-ak
- oracle-linux-upgrade-glibc-langpack-am
- oracle-linux-upgrade-glibc-langpack-an
- oracle-linux-upgrade-glibc-langpack-anp
- oracle-linux-upgrade-glibc-langpack-ar
- oracle-linux-upgrade-glibc-langpack-as
- oracle-linux-upgrade-glibc-langpack-ast
- oracle-linux-upgrade-glibc-langpack-ayc
- oracle-linux-upgrade-glibc-langpack-az
- oracle-linux-upgrade-glibc-langpack-be
- oracle-linux-upgrade-glibc-langpack-bem
- oracle-linux-upgrade-glibc-langpack-ber
- oracle-linux-upgrade-glibc-langpack-bg
- oracle-linux-upgrade-glibc-langpack-bhb
- oracle-linux-upgrade-glibc-langpack-bho
- oracle-linux-upgrade-glibc-langpack-bi
- oracle-linux-upgrade-glibc-langpack-bn
- oracle-linux-upgrade-glibc-langpack-bo
- oracle-linux-upgrade-glibc-langpack-br
- oracle-linux-upgrade-glibc-langpack-brx
- oracle-linux-upgrade-glibc-langpack-bs
- oracle-linux-upgrade-glibc-langpack-byn
- oracle-linux-upgrade-glibc-langpack-ca
- oracle-linux-upgrade-glibc-langpack-ce
- oracle-linux-upgrade-glibc-langpack-chr
- oracle-linux-upgrade-glibc-langpack-cmn
- oracle-linux-upgrade-glibc-langpack-crh
- oracle-linux-upgrade-glibc-langpack-cs
- oracle-linux-upgrade-glibc-langpack-csb
- oracle-linux-upgrade-glibc-langpack-cv
- oracle-linux-upgrade-glibc-langpack-cy
- oracle-linux-upgrade-glibc-langpack-da
- oracle-linux-upgrade-glibc-langpack-de
- oracle-linux-upgrade-glibc-langpack-doi
- oracle-linux-upgrade-glibc-langpack-dsb
- oracle-linux-upgrade-glibc-langpack-dv
- oracle-linux-upgrade-glibc-langpack-dz
- oracle-linux-upgrade-glibc-langpack-el
- oracle-linux-upgrade-glibc-langpack-en
- oracle-linux-upgrade-glibc-langpack-eo
- oracle-linux-upgrade-glibc-langpack-es
- oracle-linux-upgrade-glibc-langpack-et
- oracle-linux-upgrade-glibc-langpack-eu
- oracle-linux-upgrade-glibc-langpack-fa
- oracle-linux-upgrade-glibc-langpack-ff
- oracle-linux-upgrade-glibc-langpack-fi
- oracle-linux-upgrade-glibc-langpack-fil
- oracle-linux-upgrade-glibc-langpack-fo
- oracle-linux-upgrade-glibc-langpack-fr
- oracle-linux-upgrade-glibc-langpack-fur
- oracle-linux-upgrade-glibc-langpack-fy
- oracle-linux-upgrade-glibc-langpack-ga
- oracle-linux-upgrade-glibc-langpack-gd
- oracle-linux-upgrade-glibc-langpack-gez
- oracle-linux-upgrade-glibc-langpack-gl
- oracle-linux-upgrade-glibc-langpack-gu
- oracle-linux-upgrade-glibc-langpack-gv
- oracle-linux-upgrade-glibc-langpack-ha
- oracle-linux-upgrade-glibc-langpack-hak
- oracle-linux-upgrade-glibc-langpack-he
- oracle-linux-upgrade-glibc-langpack-hi
- oracle-linux-upgrade-glibc-langpack-hif
- oracle-linux-upgrade-glibc-langpack-hne
- oracle-linux-upgrade-glibc-langpack-hr
- oracle-linux-upgrade-glibc-langpack-hsb
- oracle-linux-upgrade-glibc-langpack-ht
- oracle-linux-upgrade-glibc-langpack-hu
- oracle-linux-upgrade-glibc-langpack-hy
- oracle-linux-upgrade-glibc-langpack-ia
- oracle-linux-upgrade-glibc-langpack-id
- oracle-linux-upgrade-glibc-langpack-ig
- oracle-linux-upgrade-glibc-langpack-ik
- oracle-linux-upgrade-glibc-langpack-is
- oracle-linux-upgrade-glibc-langpack-it
- oracle-linux-upgrade-glibc-langpack-iu
- oracle-linux-upgrade-glibc-langpack-ja
- oracle-linux-upgrade-glibc-langpack-ka
- oracle-linux-upgrade-glibc-langpack-kab
- oracle-linux-upgrade-glibc-langpack-kk
- oracle-linux-upgrade-glibc-langpack-kl
- oracle-linux-upgrade-glibc-langpack-km
- oracle-linux-upgrade-glibc-langpack-kn
- oracle-linux-upgrade-glibc-langpack-ko
- oracle-linux-upgrade-glibc-langpack-kok
- oracle-linux-upgrade-glibc-langpack-ks
- oracle-linux-upgrade-glibc-langpack-ku
- oracle-linux-upgrade-glibc-langpack-kw
- oracle-linux-upgrade-glibc-langpack-ky
- oracle-linux-upgrade-glibc-langpack-lb
- oracle-linux-upgrade-glibc-langpack-lg
- oracle-linux-upgrade-glibc-langpack-li
- oracle-linux-upgrade-glibc-langpack-lij
- oracle-linux-upgrade-glibc-langpack-ln
- oracle-linux-upgrade-glibc-langpack-lo
- oracle-linux-upgrade-glibc-langpack-lt
- oracle-linux-upgrade-glibc-langpack-lv
- oracle-linux-upgrade-glibc-langpack-lzh
- oracle-linux-upgrade-glibc-langpack-mag
- oracle-linux-upgrade-glibc-langpack-mai
- oracle-linux-upgrade-glibc-langpack-mfe
- oracle-linux-upgrade-glibc-langpack-mg
- oracle-linux-upgrade-glibc-langpack-mhr
- oracle-linux-upgrade-glibc-langpack-mi
- oracle-linux-upgrade-glibc-langpack-miq
- oracle-linux-upgrade-glibc-langpack-mjw
- oracle-linux-upgrade-glibc-langpack-mk
- oracle-linux-upgrade-glibc-langpack-ml
- oracle-linux-upgrade-glibc-langpack-mn
- oracle-linux-upgrade-glibc-langpack-mni
- oracle-linux-upgrade-glibc-langpack-mr
- oracle-linux-upgrade-glibc-langpack-ms
- oracle-linux-upgrade-glibc-langpack-mt
- oracle-linux-upgrade-glibc-langpack-my
- oracle-linux-upgrade-glibc-langpack-nan
- oracle-linux-upgrade-glibc-langpack-nb
- oracle-linux-upgrade-glibc-langpack-nds
- oracle-linux-upgrade-glibc-langpack-ne
- oracle-linux-upgrade-glibc-langpack-nhn
- oracle-linux-upgrade-glibc-langpack-niu
- oracle-linux-upgrade-glibc-langpack-nl
- oracle-linux-upgrade-glibc-langpack-nn
- oracle-linux-upgrade-glibc-langpack-nr
- oracle-linux-upgrade-glibc-langpack-nso
- oracle-linux-upgrade-glibc-langpack-oc
- oracle-linux-upgrade-glibc-langpack-om
- oracle-linux-upgrade-glibc-langpack-or
- oracle-linux-upgrade-glibc-langpack-os
- oracle-linux-upgrade-glibc-langpack-pa
- oracle-linux-upgrade-glibc-langpack-pap
- oracle-linux-upgrade-glibc-langpack-pl
- oracle-linux-upgrade-glibc-langpack-ps
- oracle-linux-upgrade-glibc-langpack-pt
- oracle-linux-upgrade-glibc-langpack-quz
- oracle-linux-upgrade-glibc-langpack-raj
- oracle-linux-upgrade-glibc-langpack-ro
- oracle-linux-upgrade-glibc-langpack-ru
- oracle-linux-upgrade-glibc-langpack-rw
- oracle-linux-upgrade-glibc-langpack-sa
- oracle-linux-upgrade-glibc-langpack-sah
- oracle-linux-upgrade-glibc-langpack-sat
- oracle-linux-upgrade-glibc-langpack-sc
- oracle-linux-upgrade-glibc-langpack-sd
- oracle-linux-upgrade-glibc-langpack-se
- oracle-linux-upgrade-glibc-langpack-sgs
- oracle-linux-upgrade-glibc-langpack-shn
- oracle-linux-upgrade-glibc-langpack-shs
- oracle-linux-upgrade-glibc-langpack-si
- oracle-linux-upgrade-glibc-langpack-sid
- oracle-linux-upgrade-glibc-langpack-sk
- oracle-linux-upgrade-glibc-langpack-sl
- oracle-linux-upgrade-glibc-langpack-sm
- oracle-linux-upgrade-glibc-langpack-so
- oracle-linux-upgrade-glibc-langpack-sq
- oracle-linux-upgrade-glibc-langpack-sr
- oracle-linux-upgrade-glibc-langpack-ss
- oracle-linux-upgrade-glibc-langpack-st
- oracle-linux-upgrade-glibc-langpack-sv
- oracle-linux-upgrade-glibc-langpack-sw
- oracle-linux-upgrade-glibc-langpack-szl
- oracle-linux-upgrade-glibc-langpack-ta
- oracle-linux-upgrade-glibc-langpack-tcy
- oracle-linux-upgrade-glibc-langpack-te
- oracle-linux-upgrade-glibc-langpack-tg
- oracle-linux-upgrade-glibc-langpack-th
- oracle-linux-upgrade-glibc-langpack-the
- oracle-linux-upgrade-glibc-langpack-ti
- oracle-linux-upgrade-glibc-langpack-tig
- oracle-linux-upgrade-glibc-langpack-tk
- oracle-linux-upgrade-glibc-langpack-tl
- oracle-linux-upgrade-glibc-langpack-tn
- oracle-linux-upgrade-glibc-langpack-to
- oracle-linux-upgrade-glibc-langpack-tpi
- oracle-linux-upgrade-glibc-langpack-tr
- oracle-linux-upgrade-glibc-langpack-ts
- oracle-linux-upgrade-glibc-langpack-tt
- oracle-linux-upgrade-glibc-langpack-ug
- oracle-linux-upgrade-glibc-langpack-uk
- oracle-linux-upgrade-glibc-langpack-unm
- oracle-linux-upgrade-glibc-langpack-ur
- oracle-linux-upgrade-glibc-langpack-uz
- oracle-linux-upgrade-glibc-langpack-ve
- oracle-linux-upgrade-glibc-langpack-vi
- oracle-linux-upgrade-glibc-langpack-wa
- oracle-linux-upgrade-glibc-langpack-wae
- oracle-linux-upgrade-glibc-langpack-wal
- oracle-linux-upgrade-glibc-langpack-wo
- oracle-linux-upgrade-glibc-langpack-xh
- oracle-linux-upgrade-glibc-langpack-yi
- oracle-linux-upgrade-glibc-langpack-yo
- oracle-linux-upgrade-glibc-langpack-yue
- oracle-linux-upgrade-glibc-langpack-yuw
- oracle-linux-upgrade-glibc-langpack-zh
- oracle-linux-upgrade-glibc-langpack-zu
- oracle-linux-upgrade-glibc-locale-source
- oracle-linux-upgrade-glibc-minimal-langpack
- oracle-linux-upgrade-glibc-nss-devel
- oracle-linux-upgrade-glibc-static
- oracle-linux-upgrade-glibc-utils
- oracle-linux-upgrade-libnsl
- oracle-linux-upgrade-nscd
- oracle-linux-upgrade-nss-db
- oracle-linux-upgrade-nss-hesiod
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center