ELSA-2024-3588

ELSA-2024-3588 - glibc security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-06-05

Description

[2.17-326.3]
- Forward-port Oracle patches to 2.17-326.3
Reviewed-by: Jose E. Marchesi

[2.17-326.3]
- nscd: Fix timeout type in netgroup cache (RHEL-34263)

[2.17-326.2]
- nscd: Do not use sendfile for the netgroup cache
- nscd: Use-after-free in netgroup cache
- CVE-2021-27645: nscd: double-free in netgroup cache
- CVE-2024-33599: nscd: buffer overflow in netgroup cache (RHEL-34263)
- CVE-2024-33600: nscd: null pointer dereferences in netgroup cache
- CVE-2024-33601: nscd: crash on out-of-memory condition
- CVE-2024-33602: nscd: memory corruption with NSS netgroup modules

[2.17-326.1]
- CVE-2024-2961: Out of bounds write in iconv conversion to ISO-2022-CN-EXT (RHEL-31803)

Related CVEs

CVE-2024-33600

CVE-2024-2961

CVE-2024-33599

CVE-2024-33601

CVE-2024-33602

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 7 (aarch64)	glibc-2.17-326.0.6.el7_9.3.src.rpm	07acd4fdeb902aed79d2180131c24c51	-	ol7_aarch64_latest
	glibc-2.17-326.0.6.el7_9.3.src.rpm	07acd4fdeb902aed79d2180131c24c51	-	ol7_aarch64_optional_latest
	glibc-2.17-326.0.6.el7_9.3.src.rpm	07acd4fdeb902aed79d2180131c24c51	-	ol7_aarch64_u9_patch
	glibc-2.17-326.0.6.el7_9.3.aarch64.rpm	12578f380460859830538949ae11b137	-	ol7_aarch64_latest
	glibc-2.17-326.0.6.el7_9.3.aarch64.rpm	12578f380460859830538949ae11b137	-	ol7_aarch64_u9_patch
	glibc-common-2.17-326.0.6.el7_9.3.aarch64.rpm	0e0854dd5617a0eac3deaf81d7989d35	-	ol7_aarch64_latest
	glibc-common-2.17-326.0.6.el7_9.3.aarch64.rpm	0e0854dd5617a0eac3deaf81d7989d35	-	ol7_aarch64_u9_patch
	glibc-devel-2.17-326.0.6.el7_9.3.aarch64.rpm	7c72f7f8d2698580c76a02f0399c7717	-	ol7_aarch64_latest
	glibc-devel-2.17-326.0.6.el7_9.3.aarch64.rpm	7c72f7f8d2698580c76a02f0399c7717	-	ol7_aarch64_u9_patch
	glibc-headers-2.17-326.0.6.el7_9.3.aarch64.rpm	15dea691b40334a1e6df275b16768646	-	ol7_aarch64_latest
	glibc-headers-2.17-326.0.6.el7_9.3.aarch64.rpm	15dea691b40334a1e6df275b16768646	-	ol7_aarch64_u9_patch
	glibc-static-2.17-326.0.6.el7_9.3.aarch64.rpm	61d84c57717b74a37ac848f14253b173	-	ol7_aarch64_optional_latest
	glibc-utils-2.17-326.0.6.el7_9.3.aarch64.rpm	d6ca054ecdd9e6c101a3995822d4f49c	-	ol7_aarch64_latest
	glibc-utils-2.17-326.0.6.el7_9.3.aarch64.rpm	d6ca054ecdd9e6c101a3995822d4f49c	-	ol7_aarch64_u9_patch
	nscd-2.17-326.0.6.el7_9.3.aarch64.rpm	875c39c42dc35fe52cce34795165e3fc	-	ol7_aarch64_latest
	nscd-2.17-326.0.6.el7_9.3.aarch64.rpm	875c39c42dc35fe52cce34795165e3fc	-	ol7_aarch64_u9_patch
Oracle Linux 7 (x86_64)	glibc-2.17-326.0.9.el7_9.3.src.rpm	97078a8fca0da4f0661ce2306bb7f666	-	ol7_x86_64_latest
	glibc-2.17-326.0.9.el7_9.3.src.rpm	97078a8fca0da4f0661ce2306bb7f666	-	ol7_x86_64_optional_latest
	glibc-2.17-326.0.9.el7_9.3.src.rpm	97078a8fca0da4f0661ce2306bb7f666	-	ol7_x86_64_u9_patch
	glibc-2.17-326.0.9.el7_9.3.i686.rpm	e6658db66e96df0c1a56aa0741a92596	-	ol7_x86_64_latest
	glibc-2.17-326.0.9.el7_9.3.i686.rpm	e6658db66e96df0c1a56aa0741a92596	-	ol7_x86_64_u9_patch
	glibc-2.17-326.0.9.el7_9.3.x86_64.rpm	b244d633bfe2120a601ea8eec919342a	-	ol7_x86_64_latest
	glibc-2.17-326.0.9.el7_9.3.x86_64.rpm	b244d633bfe2120a601ea8eec919342a	-	ol7_x86_64_u9_patch
	glibc-common-2.17-326.0.9.el7_9.3.x86_64.rpm	347e473d129c02221e71d11286c004c1	-	ol7_x86_64_latest
	glibc-common-2.17-326.0.9.el7_9.3.x86_64.rpm	347e473d129c02221e71d11286c004c1	-	ol7_x86_64_u9_patch
	glibc-devel-2.17-326.0.9.el7_9.3.i686.rpm	8dd70074791a12d7979a1174ed604f5e	-	ol7_x86_64_latest
	glibc-devel-2.17-326.0.9.el7_9.3.i686.rpm	8dd70074791a12d7979a1174ed604f5e	-	ol7_x86_64_u9_patch
	glibc-devel-2.17-326.0.9.el7_9.3.x86_64.rpm	f9c222de2b107d172cff00a7a15bcd99	-	ol7_x86_64_latest
	glibc-devel-2.17-326.0.9.el7_9.3.x86_64.rpm	f9c222de2b107d172cff00a7a15bcd99	-	ol7_x86_64_u9_patch
	glibc-headers-2.17-326.0.9.el7_9.3.x86_64.rpm	6f029ffd1b229886b2fe72ca2e04845c	-	ol7_x86_64_latest
	glibc-headers-2.17-326.0.9.el7_9.3.x86_64.rpm	6f029ffd1b229886b2fe72ca2e04845c	-	ol7_x86_64_u9_patch
	glibc-static-2.17-326.0.9.el7_9.3.i686.rpm	853e67ce5a419d225eaea595cb28fb1b	-	ol7_x86_64_optional_latest
	glibc-static-2.17-326.0.9.el7_9.3.x86_64.rpm	84f8ad8c0d77fec1ef95f224365e897d	-	ol7_x86_64_optional_latest
	glibc-utils-2.17-326.0.9.el7_9.3.x86_64.rpm	0a17b07170b7eae02e33881744e69c82	-	ol7_x86_64_latest
	glibc-utils-2.17-326.0.9.el7_9.3.x86_64.rpm	0a17b07170b7eae02e33881744e69c82	-	ol7_x86_64_u9_patch
	nscd-2.17-326.0.9.el7_9.3.x86_64.rpm	1287593a8b9366a91484a5936efbbdfd	-	ol7_x86_64_latest
	nscd-2.17-326.0.9.el7_9.3.x86_64.rpm	1287593a8b9366a91484a5936efbbdfd	-	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team