-----BEGIN PGP SIGNED MESSAGE----- ld.so Vulnerability A buffer overflow problem was reported on bugtraq affecting the ELF and a.out program loaders on Linux. This problem can possibly be exploited by malicious users to obtain root access. On Linux, programs linked against shared libraries execute some code contained in /lib/ld.so (for a.out binaries) or /lib/ld-linux.so (for ELF binaries), which loads the shared libraries and binds all symbols. If an error occurs during this stage, an error message is printed and the program terminates. The printf replacement used at this stage is not protected from buffer overruns. David Engel has released a fixed ld.so as ftp://ftp.ods.com/pub/linux/ld.so-1.9.3.tar.gz ftp://i44ftp.info.uni-karlsruhe.de/pub/linux/ld.so/ld.so-1.9.3.tar.gz This release should soon appear on sunsite.unc.edu in /pub/Linux/GCC. Note that ld.so-1.9 does not support the old a.out format anymore. The following Linux distribution maintainers and vendors have released fixed packages of ld.so: - ------------------------------------------------------------------ VENDOR INFORMATION - ------------------------------------------------------------------ Vendor: S.u.S.E Product: S.u.S.E Linux 5.0 Status: Affected, fix available Location: ftp://ftp.suse.com/pub/suse_update/S.u.S.E.-5.0/a1 Files: c7648fbfd29fc56905e1d569f617a811 ld.so-1.9.3.dif c7fba9a7f4040812307841f683ef4abc ld.so-1.9.3.tar.gz 19f71cfc08a69d8ecf1703e5307459a0 ldso.changes fd64cc73f699a2c28a809e1b7b61700e ldso.rpm b3f1350e916381bd7e97c7087fc49535 ldso.tgz Vendor: Caldera Product: Caldera OpenLinux Lite, Base and Standard 1.1 Status: Affected, fix available Location: ftp://ftp.caldera.com/pub/openlinux/updates/1.1/004 Files: 2fed2dd482fe44e020a4bd40fdd2059e ld.so-1.7.14-5.src.rpm 572974e8f777b6da7d67aed15db9c115 ld.so-1.7.14-5.i386.rpm Note: ELF support only. Vendor: RedHat Product: RedHat Linux 4.0, 4.1 and 4.2 Status: Affected, fix available Location: ftp://ftp.redhat.com/updates/4.2 Files: d8883e254021de3058b9c7d3174e9b28 i386/ld.so-1.7.14-5.i386.rpm 2ab8e35978d81a57a340c81584e78785 sparc/ld.so-sparc-1.8.3-3.sparc.rpm Note: Files pgp-signed, key available from install CD or PGP key servers. Vendor: Debian Product: Debian GNU/Linux Status: Affected, fix available Location: ftp://ftp.debian.org/debian/bo-updates Files: c044d31c1a7f434837ec648c97481b76 ld.so_1.8.10-2.1.dsc bd6a94d00b6aeb10363b92e4f77a1a30 ld.so_1.8.10-2.1.tar.gz edea24550bf5f5a3c92a4a6319fe60b0 ldso_1.8.10-2.1_i386.deb Vendor: Delix Product: DLD 5.2 Status: Affected, fix available Location: ftp://ftp.delix.de/pub/Linux/DLD-5.2/updates Files: 156f551820e1f7305cf2c19d1cbddc68 *ld.so-1.9.2-3.i386.rpm bbeb99ac166d5c7cfde52346949da363 *ld.so-devel-1.9.2-3.i386.rpm Vendor: LST Product: LST Power Linux 2.2 Status: Affected, fix available Location: Same as for Caldera above. -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBM9RqfuFnVHXv40etAQGTawP/Srnw8tmTTkLuZrxsx49qEw3jP3hM8DdM qeiVd8DyztiphIpIgPpWYr79e6z4/6tViDA0Cpb+ZbJ2axe7k0Dg9Ypd8k6C1cC5 L6qKo+pHbTBn7F31OEerrqniaYyVuVWdsD3tDWsItKsYqBJy5+jiRvMC3RzFqUNk mpdo1mnqJiw=I/YT -----END PGP SIGNATURE----- -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax okir@lst.de +-------------------- Why Not?! ----------------------- finger okir@brewhq.swb.de for PGP key