GLIBC Vulnerability on Servers Serving PHP

Posted by: mstauber Category: General

Last week CVE-2024-2961 was announced. In brief, systems using glibc and serving PHP content could potentially be at risk. The vulnerability is related to the ISO-2022-CN-EXT character set.

Today we were made aware of a 24-year-old vulnerability in GLIBC, which (in conjunction with PHP with ICONV support installed) could potentially be exploitable.

For more information see here or watch this video on YouTube.

At the time of writing, no official fix for EL7, EL8 or EL9 has been released, so we worked out a workaround that disables the vulnerable ISO-2022-CN-EXT character set in GLIBC. That should be good enough until an official fix arrives.

Updated "swatch" RPMs that contain this hotfix have been published for BlueOnyx 5209R, BlueOnyx 5210R and BlueOnyx 5211R.
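To confirm on a given server that ISO-2022-CN-EXT really is disabled, a check along these lines can be used. This is an added example, not the BlueOnyx hotfix or any code from the RPMs; it assumes the charset is disabled by commenting out its `alias`/`module` lines in a glibc gconv-modules file, and the function names and sample lines are made up for illustration.

```shell
#!/bin/sh
# Added example (not the BlueOnyx hotfix): audit whether ISO-2022-CN-EXT is
# still enabled in glibc's iconv. Assumes the charset is disabled by commenting
# out its alias/module lines in a gconv-modules file.
CHARSET='ISO-2022-CN-EXT'

# Reads gconv-modules text on stdin; prints the number of active
# (uncommented) alias/module lines that reference the charset.
active_gconv_entries() {
    awk -v cs="$CHARSET" '
        /^[ \t]*#/ { next }                      # commented out: disabled
        $1 == "alias" || $1 == "module" {
            for (i = 2; i <= NF; i++) {
                name = $i
                sub("//.*", "", name)            # strip trailing "//" suffix
                if (toupper(name) == cs) { n++; break }
            }
        }
        END { print n + 0 }'
}

# Constructed sample: two entries disabled, one left active by mistake.
sample_conf() {
    cat <<'EOF'
#alias  ISO2022CNEXT//     ISO-2022-CN-EXT//
#module ISO-2022-CN-EXT//  INTERNAL           ISO-2022-CN-EXT 1
module  INTERNAL           ISO-2022-CN-EXT//  ISO-2022-CN-EXT 1
module  ISO-2022-CN//      INTERNAL           ISO-2022-CN     1
EOF
}

# Live check: 0 = conversion refused (disabled), 1 = still usable, 2 = no iconv.
charset_disabled_at_runtime() {
    command -v iconv >/dev/null 2>&1 || return 2
    if printf 'x' | iconv -f UTF-8 -t "$CHARSET" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# Usage: sh check.sh --check /path/to/gconv-modules-file
if [ "${1:-}" = "--check" ] && [ -r "${2:-}" ]; then
    echo "active entries in $2: $(active_gconv_entries < "$2")"
    charset_disabled_at_runtime && echo "runtime: disabled" || echo "runtime: NOT disabled (rc=$?)"
fi
```

The runtime check matters because glibc reads a compiled `gconv-modules.cache` when one exists, so an edited config file only takes effect after the cache has been regenerated with `iconvconfig`.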

Apr 22, 2024 Category: General Posted by: mstauber