{"id":"MGASA-2022-0052","summary":"Updated glibc packages fix security vulnerability","details":"Updated glibc packages fix security vulnerability:\n\nAn off-by-one buffer overflow and underflow in getcwd() may lead to memory\ncorruption when the size of the buffer is exactly 1. A local attacker who\ncan control the input buffer and size passed to getcwd() in a setuid program\ncould use this flaw to potentially execute arbitrary code and escalate their\nprivileges on the system (CVE-2021-3999).\n\nOther upstream fixes in this update:\n- gconv: Do not emit spurious NUL character in ISO-2022-JP-3 [BZ #28524]\n- x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ #28755]\n- x86: Set Prefer_No_VZEROUPPER and add Prefer_AVX2_STRCMP\n- x86-64: Add ifunc-avx2.h functions with 256-bit EVEX\n- x86-64: Add strcpy family functions with 256-bit EVEX\n- x86-64: Add memmove family functions with 256-bit EVEX\n- x86-64: Add memset family functions with 256-bit EVEX\n- x86-64: Add memcmp family functions with 256-bit EVEX\n- x86-64: Add AVX optimized string/memory functions for RTM\n- x86: Add string/memory function tests in RTM region\n- x86-64: Use ZMM16-ZMM31 in AVX512 memset family functions\n- x86-64: Use ZMM16-ZMM31 in AVX512 memmove family functions\n- test-strnlen.c: Initialize wchar_t string with wmemset [BZ #27655]\n- test-strnlen.c: Check that strnlen won't go beyond the maximum length\n- x86: Optimize memchr-avx2.S\n- x86: Fix overflow bug with wmemchr-sse2 and wmemchr-avx2 [BZ #27974]\n- x86: Optimize strlen-avx2.S\n- x86: Optimize memchr-evex.S\n- x86-64: Fix an unknown vector operation in memchr-evex.S\n- x86-64: Move strlen.S to multiarch/strlen-vec.S\n- x86-64: Add wcslen optimize for sse4.1\n- x86: Fix overflow bug in wcsnlen-sse4_1 and wcsnlen-avx2 [BZ #27974]\n- x86: Optimize strlen-evex.S\n- String: Add overflow tests for strnlen, memchr, and strncat [BZ #27974]\n- x86-64: Require BMI2 for __strlen_evex and __strnlen_evex\n- x86: Check RTM_ALWAYS_ABORT for RTM [BZ #28033]\n- x86: Black list more Intel CPUs for TSX [BZ #27398]\n- x86: Remove wcsnlen-sse4_1 from wcslen ifunc-impl-list [BZ #28064]\n- x86-64: Test strlen and wcslen with 0 in the RSI register [BZ #28064]\n","modified":"2026-04-16T04:43:58.319955968Z","published":"2022-02-08T16:27:38Z","upstream":["CVE-2021-3999"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0052.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29935"}],"affected":[{"package":{"name":"glibc","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/glibc?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.32-25.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0052.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}