USN-6762-1: GNU C Library vulnerabilities

Releases

• Ubuntu 18.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 14.04 ESM

Packages

• eglibc - GNU C Library
• glibc - GNU C Library

Details

It was discovered that GNU C Library incorrectly handled netgroup requests.
An attacker could possibly use this issue to cause a crash or execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS. (CVE-2014-9984)

It was discovered that GNU C Library might allow context-dependent
attackers to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-20109)

It was discovered that GNU C Library when processing very long pathname arguments to
the realpath function, could encounter an integer overflow on 32-bit
architectures, leading to a stack-based buffer overflow and, potentially,
arbitrary code execution. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-11236)

It was discovered that the GNU C library getcwd function incorrectly
handled buffers. An attacker could use this issue to cause the GNU C
Library to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3999)

Charles Fol discovered that the GNU C Library iconv feature incorrectly
handled certain input sequences. An attacker could use this issue to cause
the GNU C Library to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2024-2961)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04

• libc6 - 2.27-3ubuntu1.6+esm2
  Available with Ubuntu Pro

Ubuntu 16.04

• libc6 - 2.23-0ubuntu11.3+esm6
  Available with Ubuntu Pro

Ubuntu 14.04

• libc6 - 2.19-0ubuntu6.15+esm3
  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

• CVE-2024-2961
• CVE-2021-3999
• CVE-2014-9984
• CVE-2018-11236
• CVE-2015-20109
• https://launchpad.net/bugs/2063328

Related notices

• USN-6737-1: glibc-source, libc6-pic, libc6-prof, libc6-armel, libc6-dev, libc6-x32, glibc-doc, libc6-amd64, libc6-dev-amd64, libc-devtools, libc-dev-bin, libc6-dev-x32, nscd, libc6-i386, libc-bin, libc6, libc6-dev-i386, libc6-lse, libc6-dev-armel, libc6-s390, locales-all, glibc, libc6-dev-s390, locales
• USN-6737-2: glibc-source, libc6-dev, libc6-x32, glibc-doc, libc6-amd64, libc6-dev-amd64, libc-devtools, libc-dev-bin, libc6-dev-x32, nscd, libc6-i386, libc-bin, libc6, libc6-dev-i386, libc6-s390, locales-all, glibc, libc6-dev-s390, locales
• USN-5310-1: glibc-source, libc6-pic, libc6-prof, libc6-armel, libc6-dev, libc6-x32, glibc-doc, libc6-amd64, libc6-dev-amd64, multiarch-support, libc-devtools, libc-dev-bin, libc6-dev-x32, nscd, libc6-i386, libc-bin, libc6, libc6-dev-i386, libc6-lse, libc6-dev-armel, libc6-s390, locales-all, glibc, libc6-dev-s390, locales
• USN-5310-2: glibc-source, libc6-pic, libc6-armel, libc6-dev, libc6-x32, glibc-doc, libc6-amd64, libc6-dev-amd64, multiarch-support, libc-dev-bin, libc6-dev-x32, nscd, libc6-i386, libc-bin, libc6, libc6-dev-i386, libc6-dev-armel, libc6-s390, locales-all, glibc, libc6-dev-s390, locales
• USN-4416-1: glibc-source, libc6-pic, libc6-armel, libc6-dev, libc6-x32, glibc-doc, libc6-amd64, libc6-dev-amd64, multiarch-support, libc6-ppc64, libc6-udeb, libc-dev-bin, libc6-dev-x32, nscd, libc6-i386, libc-bin, libc6, libc6-dev-i386, libc6-dev-ppc64, libc6-dev-armel, libc6-s390, locales-all, glibc, libc6-dev-s390, locales