UBUNTU-CVE-2017-18269

See a problem?
Source
https://ubuntu.com/security/notices/UBUNTU-CVE-2017-18269
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-18269.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-18269
Related
Published
2018-05-18T16:29:00Z
Modified
2018-05-18T16:29:00Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

References

Affected packages

Ubuntu:16.04:LTS / glibc

Package

Name
glibc
Purl
pkg:deb/ubuntu/glibc@2.23-0ubuntu11.2?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.23-0ubuntu11.2

Affected versions

2.*

2.21-0ubuntu4
2.21-0ubuntu5
2.21-0ubuntu6
2.23-0ubuntu1
2.23-0ubuntu2
2.23-0ubuntu3
2.23-0ubuntu4
2.23-0ubuntu5
2.23-0ubuntu6
2.23-0ubuntu7
2.23-0ubuntu9
2.23-0ubuntu10
2.23-0ubuntu11

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libc6-s390-dbgsym": "2.23-0ubuntu11.2",
            "libc6-dev": "2.23-0ubuntu11.2",
            "libc6-udeb-dbgsym": "2.23-0ubuntu11.2",
            "multiarch-support": "2.23-0ubuntu11.2",
            "libc6-ppc64": "2.23-0ubuntu11.2",
            "libc6-dev-s390": "2.23-0ubuntu11.2",
            "libc6-dev-i386": "2.23-0ubuntu11.2",
            "locales-all": "2.23-0ubuntu11.2",
            "libc6-amd64-dbgsym": "2.23-0ubuntu11.2",
            "glibc-source": "2.23-0ubuntu11.2",
            "libc6-dev-amd64": "2.23-0ubuntu11.2",
            "libc6-pic": "2.23-0ubuntu11.2",
            "nscd-dbgsym": "2.23-0ubuntu11.2",
            "nscd": "2.23-0ubuntu11.2",
            "glibc-doc": "2.23-0ubuntu11.2",
            "libc6-ppc64-dbgsym": "2.23-0ubuntu11.2",
            "libc6-armel": "2.23-0ubuntu11.2",
            "libc6-dbg": "2.23-0ubuntu11.2",
            "libc6": "2.23-0ubuntu11.2",
            "libc6-armel-dbgsym": "2.23-0ubuntu11.2",
            "libc-bin": "2.23-0ubuntu11.2",
            "libc6-i386": "2.23-0ubuntu11.2",
            "libc6-udeb": "2.23-0ubuntu11.2",
            "libc6-dev-x32": "2.23-0ubuntu11.2",
            "libc-bin-dbgsym": "2.23-0ubuntu11.2",
            "libc-dev-bin": "2.23-0ubuntu11.2",
            "libc6-amd64": "2.23-0ubuntu11.2",
            "libc6-x32": "2.23-0ubuntu11.2",
            "libc6-dbgsym": "2.23-0ubuntu11.2",
            "libc6-s390": "2.23-0ubuntu11.2",
            "libc6-dev-armel": "2.23-0ubuntu11.2",
            "libc6-dev-ppc64": "2.23-0ubuntu11.2",
            "libc6-i386-dbgsym": "2.23-0ubuntu11.2",
            "locales": "2.23-0ubuntu11.2",
            "libc-dev-bin-dbgsym": "2.23-0ubuntu11.2",
            "libc6-x32-dbgsym": "2.23-0ubuntu11.2"
        }
    ]
}

Ubuntu:18.04:LTS / glibc

Package

Name
glibc
Purl
pkg:deb/ubuntu/glibc@2.27-3ubuntu1?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.27-3ubuntu1

Affected versions

2.*

2.26-0ubuntu2
2.26-0ubuntu2.1
2.27-0ubuntu2
2.27-0ubuntu3

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libc6-s390-dbgsym": "2.27-3ubuntu1",
            "libc6-dev": "2.27-3ubuntu1",
            "multiarch-support": "2.27-3ubuntu1",
            "libc6-dev-s390": "2.27-3ubuntu1",
            "libc6-dev-i386": "2.27-3ubuntu1",
            "locales-all": "2.27-3ubuntu1",
            "libc6-amd64-dbgsym": "2.27-3ubuntu1",
            "libc6-pic": "2.27-3ubuntu1",
            "glibc-source": "2.27-3ubuntu1",
            "libc6-dev-amd64": "2.27-3ubuntu1",
            "nscd-dbgsym": "2.27-3ubuntu1",
            "nscd": "2.27-3ubuntu1",
            "glibc-doc": "2.27-3ubuntu1",
            "libc6-armel": "2.27-3ubuntu1",
            "libc6-armel-dbgsym": "2.27-3ubuntu1",
            "libc6": "2.27-3ubuntu1",
            "libc6-dbg": "2.27-3ubuntu1",
            "libc-bin": "2.27-3ubuntu1",
            "libc6-i386": "2.27-3ubuntu1",
            "libc6-udeb": "2.27-3ubuntu1",
            "libc6-dev-x32": "2.27-3ubuntu1",
            "libc-bin-dbgsym": "2.27-3ubuntu1",
            "libc-dev-bin": "2.27-3ubuntu1",
            "libc6-amd64": "2.27-3ubuntu1",
            "libc6-x32": "2.27-3ubuntu1",
            "libc6-s390": "2.27-3ubuntu1",
            "libc6-dev-armel": "2.27-3ubuntu1",
            "libc6-i386-dbgsym": "2.27-3ubuntu1",
            "locales": "2.27-3ubuntu1",
            "libc-dev-bin-dbgsym": "2.27-3ubuntu1",
            "libc6-x32-dbgsym": "2.27-3ubuntu1"
        }
    ]
}