Red Hat Security Advisory: glibc local write access vulnerability | Linux Today

Red Hat Security Advisory: glibc local write access vulnerability

Written By
Web Webster
Web Webster
Jan 16, 2001

Date: Tue, 16 Jan 2001 15:04 -0500
From: redhat-watch-list-admin@redhat.com
To: redhat-watch-list@redhat.com
Subject: [RHSA-2001:002-03] glibc local write access
vulnerability


                   Red Hat Security Advisory

Synopsis:          glibc local write access vulnerability
Advisory ID:       RHSA-2001:002-03
Issue date:        2001-01-15
Updated on:        2001-01-16
Product:           Red Hat Linux
Keywords:          glibc LD_PRELOAD SEGFAULT_OUTPUT_NAME
Cross references:
Obsoletes:

1. Topic:

A bug in GNU C Library allows unprivileged user to preload
libraries located in /lib or /usr/lib directories into SUID
programs even if those libraries have not been marked as such by
system administrator.

2. Relevant releases/architectures:

Red Hat Linux 6.0 – alpha, i386, sparc, sparcv9

Red Hat Linux 6.1 – alpha, i386, sparc, sparcv9

Red Hat Linux 6.2 – alpha, i386, sparc, sparcv9

3. Problem description:

LD_PRELOAD variable is honoured normally even for SUID/SGID
applications (but removed afterwards from environment) if it does
not contain `/’ characters, but there is a special check which only
preloads found libraries if they have the SUID bit set. However, if
a library has been found in /etc/ld.so.cache, this check was not
performed. As a result, a malicious user could preload some /lib or
/usr/lib library before SUID/SGID application and create or
overwrite a file he did not have permissions to. Also, LD_PROFILE
output from SUID programs would go into /var/tmp, making it
vulnerable to various link attacks.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]
where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla
for more info):

20832 – Unknown system type Nautilus

6. RPMs required:

Red Hat Linux 6.0:

SRPMS:
ftp://updates.redhat.com/6.0/SRPMS/glibc-2.1.3-22.src.rpm

ftp://updates.redhat.com/6.0/SRPMS/glibc-2.1.3-22.src.rpm

ftp://updates.redhat.com/6.0/SRPMS/glibc-2.1.3-22.src.rpm

alpha:
ftp://updates.redhat.com/6.0/alpha/glibc-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.0/alpha/glibc-devel-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.0/alpha/glibc-profile-2.1.3-22.alpha.rpm

ftp://updates.redhat.com/6.0/alpha/nscd-2.1.3-22.alpha.rpm

ftp://updates.redhat.com/6.0/alpha/nscd-2.1.3-22.alpha.rpm

ftp://updates.redhat.com/6.0/alpha/nscd-2.1.3-22.alpha.rpm

i386:
ftp://updates.redhat.com/6.0/i386/glibc-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.0/i386/glibc-devel-2.1.3-22.i386.rpm


ftp://updates.redhat.com/6.0/i386/glibc-profile-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.0/i386/nscd-2.1.3-22.i386.rpm

sparc:
ftp://updates.redhat.com/6.0/sparc/glibc-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.0/sparc/glibc-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.0/sparc/glibc-devel-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.0/sparc/glibc-profile-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.0/sparc/nscd-2.1.3-22.sparc.rpm

sparcv9:
ftp://updates.redhat.com/6.0/sparcv9/glibc-2.1.3-22.sparcv9.rpm

Red Hat Linux 6.1:

SRPMS:
ftp://updates.redhat.com/6.1/SRPMS/glibc-2.1.3-22.src.rpm

alpha:
ftp://updates.redhat.com/6.1/alpha/glibc-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.1/alpha/glibc-devel-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.1/alpha/glibc-profile-2.1.3-22.alpha.rpm

ftp://updates.redhat.com/6.1/alpha/nscd-2.1.3-22.alpha.rpm

i386:
ftp://updates.redhat.com/6.1/i386/glibc-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.1/i386/glibc-devel-2.1.3-22.i386.rpm


ftp://updates.redhat.com/6.1/i386/glibc-profile-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm

sparc:
ftp://updates.redhat.com/6.1/sparc/glibc-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.1/sparc/glibc-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.1/sparc/glibc-devel-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.1/sparc/nscd-2.1.3-22.sparc.rpm

sparcv9:
ftp://updates.redhat.com/6.1/sparcv9/glibc-2.1.3-22.sparcv9.rpm

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/SRPMS/glibc-2.1.3-22.src.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/glibc-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.2/alpha/glibc-devel-2.1.3-22.alpha.rpm


ftp://updates.redhat.com/6.2/alpha/glibc-profile-2.1.3-22.alpha.rpm

ftp://updates.redhat.com/6.2/alpha/nscd-2.1.3-22.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/i386/glibc-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.2/i386/glibc-devel-2.1.3-22.i386.rpm


ftp://updates.redhat.com/6.2/i386/glibc-profile-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm

ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm


ftp://updates.redhat.com/6.2/sparc/glibc-profile-2.1.3-22.sparc.rpm

ftp://updates.redhat.com/6.2/sparc/nscd-2.1.3-22.sparc.rpm

sparcv9:
ftp://updates.redhat.com/6.2/sparcv9/glibc-2.1.3-22.sparcv9.rpm

7. Verification:

MD5 sum                           Package Name

ef78f44366467486a0dac8794bc17ab9 6.2/SRPMS/glibc-2.1.3-22.src.rpm
b860e2f939f4e6517f4672361d746b38 6.2/i386/nscd-2.1.3-22.i386.rpm
e9b9b581fa4eda1a9aa2a5de8b267889 6.2/i386/glibc-profile-2.1.3-22.i386.rpm
2a779a3f6c3b87059cf40686f55dc2f6 6.2/i386/glibc-devel-2.1.3-22.i386.rpm
b841df797bf42585476f30b1ba489e30 6.2/i386/glibc-2.1.3-22.i386.rpm
e768b72385324280d62b271895261021 6.2/alpha/nscd-2.1.3-22.alpha.rpm
57040728348767ef4475ab82091a3db0 6.2/alpha/glibc-profile-2.1.3-22.alpha.rpm
e5a7cf85e50c599a51e7b9ee7d1bc78d 6.2/alpha/glibc-devel-2.1.3-22.alpha.rpm
c1edf134c6d5790ce74d7c4272ec8687 6.2/alpha/glibc-2.1.3-22.alpha.rpm
1de8f29192f62e1cc33f76d920e20a1a 6.2/sparcv9/glibc-2.1.3-22.sparcv9.rpm
966d69ca5182a97315e1f7bf5a5b7c30 6.2/sparc/nscd-2.1.3-22.sparc.rpm
a611d30013f4f98576aebb58b906c6db 6.2/sparc/glibc-profile-2.1.3-22.sparc.rpm
a305bcbf7e6f273c0c9759b622b04509 6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm
74ae10e642a463b053ef531048410330 6.2/sparc/glibc-2.1.3-22.sparc.rpm
ef78f44366467486a0dac8794bc17ab9 6.1/SRPMS/glibc-2.1.3-22.src.rpm
e768b72385324280d62b271895261021 6.1/alpha/nscd-2.1.3-22.alpha.rpm
57040728348767ef4475ab82091a3db0 6.1/alpha/glibc-profile-2.1.3-22.alpha.rpm
e5a7cf85e50c599a51e7b9ee7d1bc78d 6.1/alpha/glibc-devel-2.1.3-22.alpha.rpm
c1edf134c6d5790ce74d7c4272ec8687 6.1/alpha/glibc-2.1.3-22.alpha.rpm
1de8f29192f62e1cc33f76d920e20a1a 6.1/sparcv9/glibc-2.1.3-22.sparcv9.rpm
966d69ca5182a97315e1f7bf5a5b7c30 6.1/sparc/nscd-2.1.3-22.sparc.rpm
a611d30013f4f98576aebb58b906c6db 6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm
a305bcbf7e6f273c0c9759b622b04509 6.1/sparc/glibc-devel-2.1.3-22.sparc.rpm
74ae10e642a463b053ef531048410330 6.1/sparc/glibc-2.1.3-22.sparc.rpm
b860e2f939f4e6517f4672361d746b38 6.1/i386/nscd-2.1.3-22.i386.rpm
e9b9b581fa4eda1a9aa2a5de8b267889 6.1/i386/glibc-profile-2.1.3-22.i386.rpm
2a779a3f6c3b87059cf40686f55dc2f6 6.1/i386/glibc-devel-2.1.3-22.i386.rpm
b841df797bf42585476f30b1ba489e30 6.1/i386/glibc-2.1.3-22.i386.rpm
ef78f44366467486a0dac8794bc17ab9 6.0/SRPMS/glibc-2.1.3-22.src.rpm
1de8f29192f62e1cc33f76d920e20a1a 6.0/sparcv9/glibc-2.1.3-22.sparcv9.rpm
966d69ca5182a97315e1f7bf5a5b7c30 6.0/sparc/nscd-2.1.3-22.sparc.rpm
a611d30013f4f98576aebb58b906c6db 6.0/sparc/glibc-profile-2.1.3-22.sparc.rpm
a305bcbf7e6f273c0c9759b622b04509 6.0/sparc/glibc-devel-2.1.3-22.sparc.rpm
74ae10e642a463b053ef531048410330 6.0/sparc/glibc-2.1.3-22.sparc.rpm
b860e2f939f4e6517f4672361d746b38 6.0/i386/nscd-2.1.3-22.i386.rpm
e9b9b581fa4eda1a9aa2a5de8b267889 6.0/i386/glibc-profile-2.1.3-22.i386.rpm
2a779a3f6c3b87059cf40686f55dc2f6 6.0/i386/glibc-devel-2.1.3-22.i386.rpm
b841df797bf42585476f30b1ba489e30 6.0/i386/glibc-2.1.3-22.i386.rpm
e768b72385324280d62b271895261021 6.0/alpha/nscd-2.1.3-22.alpha.rpm
57040728348767ef4475ab82091a3db0 6.0/alpha/glibc-profile-2.1.3-22.alpha.rpm
e5a7cf85e50c599a51e7b9ee7d1bc78d 6.0/alpha/glibc-devel-2.1.3-22.alpha.rpm
c1edf134c6d5790ce74d7c4272ec8687 6.0/alpha/glibc-2.1.3-22.alpha.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our
key is available at:
http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
rpm –checksig <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:
rpm –checksig –nogpg <filename>

8. References:

Copyright(c) 2000, 2001 Red Hat, Inc.

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.