The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of glibc: denial of service via swscanf

Synthesis of the vulnerability 

An attacker can make the swscanf() function of glibc consume too much stack memory, in order to trigger a denial of service.
Vulnerable systems: Arkoon FAST360, Debian, RHEL, Ubuntu, Unix (platform) ~ not comprehensive.
Severity of this threat: 1/4.
Creation date: 04/02/2015.
References of this weakness: 16618, CVE-2015-1473, DSA-3169-1, MDVSA-2015:168, RHSA-2015:2199-07, RHSA-2015:2589-01, STORM-2015-09-EN, STORM-2015-10-EN, STORM-2015-11-EN.2, STORM-2015-12-EN, USN-2519-1, VIGILANCE-VUL-16106.

Description of the vulnerability 

The swscanf() function of glibc parses a wide-character string according to a format string.

Before reserving a scratch buffer on the stack via alloca(), the scanf implementation calls __libc_use_alloca(), which checks that the requested size stays below the limit __MAX_ALLOCA_CUTOFF. However, the size passed to that check is a number of wide characters, while the limit is expressed in bytes. With sizeof(wchar_t) == 4 on Linux, alloca() can therefore reserve up to 4 times the intended limit, which may exhaust the stack and crash the application.
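The following is an added example and is not code from the Vigil@nce bulletin or from glibc itself. It models the size check described above: a pre-fix policy that compares a character count against the byte cutoff, a fixed policy that converts to bytes first, and a hypothetical max_stack_bytes() helper that replays the doubling growth of the scanf scratch buffer to show how much alloca() would actually place on the stack under each policy. The cutoff value 65536 and the doubling growth starting at UCHAR_MAX + 1 are assumptions taken from the upstream glibc vfscanf implementation; the functions and names are this example's own.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

/* Byte limit above which glibc's __libc_use_alloca() refuses alloca().
   Assumption: 65536 is the upstream __MAX_ALLOCA_CUTOFF value. */
#define MAX_ALLOCA_CUTOFF 65536u

typedef int (*alloca_policy)(size_t nchars);

/* Pre-fix behaviour (CVE-2015-1473): the caller passes the new buffer
   length in wide characters, but the cutoff is in bytes, so the check
   lets through sizeof(wchar_t) times more data than intended. */
static int use_alloca_vulnerable(size_t nchars)
{
    return nchars <= MAX_ALLOCA_CUTOFF;
}

/* Fixed behaviour: compare in bytes. Dividing the cutoff instead of
   multiplying nchars also avoids a size_t wrap-around for huge counts. */
static int use_alloca_fixed(size_t nchars)
{
    return nchars <= MAX_ALLOCA_CUTOFF / sizeof(wchar_t);
}

/* Hypothetical model of the scratch-buffer growth in vfscanf: the buffer
   starts at UCHAR_MAX + 1 elements and doubles each time it fills. Returns
   the largest number of bytes the loop would hand to alloca() under the
   given policy before falling back to malloc(). */
static size_t max_stack_bytes(alloca_policy policy)
{
    size_t wpmax = 0;
    size_t largest = 0;
    for (int round = 0; round < 64; round++) {
        size_t newsize = (UCHAR_MAX + 1 > 2 * wpmax) ? UCHAR_MAX + 1 : 2 * wpmax;
        if (!policy(newsize))
            break;                           /* would switch to malloc() here */
        largest = newsize * sizeof(wchar_t); /* what alloca() really receives */
        wpmax = newsize;
    }
    return largest;
}

/* How far the buggy check overshoots the fixed one: sizeof(wchar_t),
   i.e. 4 on Linux, matching the "4 times" in the bulletin. */
static size_t overshoot_factor(void)
{
    return max_stack_bytes(use_alloca_vulnerable) / max_stack_bytes(use_alloca_fixed);
}

int main(void)
{
    printf("cutoff           : %u bytes\n", MAX_ALLOCA_CUTOFF);
    printf("stack use, buggy : %zu bytes\n", max_stack_bytes(use_alloca_vulnerable));
    printf("stack use, fixed : %zu bytes\n", max_stack_bytes(use_alloca_fixed));
    printf("overshoot factor : %zu\n", overshoot_factor());
    return 0;
}
```

The model shows why the bug is only a denial of service: the buffer still grows by the intended doubling, but the last alloca() before the malloc() fallback is sizeof(wchar_t) times larger than the cutoff, which matters when the input is attacker-controlled and the thread's stack is small.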

An attacker can therefore make the swscanf() function of glibc consume too much stack memory, in order to trigger a denial of service.

This bulletin impacts software or systems such as Arkoon FAST360, Debian, RHEL, Ubuntu, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this threat is low.

The trust level is confirmed by the editor, and the attack origin is a user shell.

An attacker with expert skills can exploit this vulnerability.

Solutions for this threat 

Arkoon Fast360: version 5.0/35.
The version 5.0/35 is fixed.

Arkoon Fast360: version 6.0/9.
The version 6.0/9 is fixed.

Debian: new eglibc packages.
New packages are available.

Mandriva BS2: new glibc packages.
New packages are available:
  Mandriva BS2: glibc 2.18-10.1.mbs2

RHEL 7.1: new glibc packages.
New packages are available:
  RHEL 7: glibc 2.17-79.el7_1

RHEL 7: new glibc packages.
New packages are available:
  RHEL 7: glibc 2.17-105.el7

Ubuntu: new libc6 packages.
New packages are available:
  Ubuntu 14.10: libc6 2.19-10ubuntu2.3
  Ubuntu 14.04 LTS: libc6 2.19-0ubuntu6.6
  Ubuntu 12.04 LTS: libc6 2.15-0ubuntu10.11
  Ubuntu 10.04 LTS: libc6 2.11.1-0ubuntu7.21

Computer vulnerabilities tracking service 

Vigil@nce provides vulnerability notes for applications. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.