#VU13234 Privilege escalation in Glibc - CVE-2017-18269

Cybersecurity Help s.r.o.

Published: 2018-06-08 | Updated: 2018-06-08

Vulnerability identifier: #VU13234

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-18269

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Glibc
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The vulnerability exists due to an SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. A remote unauthenticated attacker can trigger memory corruption and disclose arbitrary files, cause the application to crash or possibly execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Glibc: 2.21 - 2.27

External links
https://github.com/fingolfin/memmove-bug

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for glibc

OpenSUSE Linux update for glibc