Glibc 2.35 arrives with improvements, bug fixes and more

After six months of development the release of the new version of Glibc 2.35 was announced in which includes fixes from 66 developers and of the improvements implemented we can find that support for the "C.UTF-8" locale was added, which includes collations for all Unicode codes, but is limited to the use of ASCII ranges in the functions fnmatch, regexec and regcomp to save space.

The locale is approximately 400 KB, of which 346 KB is LC_CTYPE data for Unicode, and must be installed separately (not built into Glibc). Encoding data, character type information, and transliteration tables have been updated to support the Unicode 14.0.0 specification.

Another change that stands out is that Y implement functions and macros that round the result to a narrower type, In addition to implementing functions and macros to find the minimum and maximum of floating point numbers of types float, long double, _FloatN and _FloatNx, described in the IEEE 754-2019 specification.

for functions exp10, the corresponding macros are added to the header file, which are not bound to specific types, plus the _PRINTF_NAN_LEN_MAX macro was added to , proposed in the draft ISO C2X standard.

The dynamic linking system implements a new classification algorithm DSO using depth search (DFS) to address performance issues when handling loop dependencies. To select the DSO sort algorithm, the glibc.rtld.dynamic_sort parameter is proposed, which can be set to "1" to fall back to the previous algorithm.

Besides it added support for a new function '__memcmpeq' to the ABI, which is used by compilers to optimize the use of 'memcmp' when the return value of this function is used only to check the completion status of an operation.

The support for automatic thread registration using the rseq (restartable sequences) system call provided since Linux kernel 4.18. The rseq system call allows to organize the continuous execution of a group of instructions which is not interrupted and commits the result with the last statement in the group. Essentially, it provides a facility for very fast atomic execution of operations which, if interrupted by another thread, are cleaned up and retried.

On the other hand, it provides default compilation of all executable files of the built-in programs and a test suite in PIE (position-independent executable) mode.

To disable this behavior, the option “–disable-default-pie” is provided, plus for Linux, added a glibc.malloc.hugetlb setting to change the malloc implementation to use the madvise system call with the MADV_HUGEPAGE flag for mmap and sbrk, or directly use large memory pages by specifying the MAP_HUGETLB flag in mmap calls.

In the first case, a performance boost can be achieved by using transparent Huge Pages in madvise mode, and in the second case, you can use system-reserved huge pages (Huge Pages).

It should also be noted that some vulnerabilities were fixed in this new version:

  • CVE-2022-23218, CVE-2022-23219: A buffer overflow in the svcunix_create and clnt_create functions caused by copying the contents of a filename parameter onto the stack without checking the size of the copied data. For applications built without stack protection and using the "unix" protocol, the vulnerability could lead to malicious code execution when processing very long filenames.
  • CVE-2021-3998: a vulnerability in the realpath() function caused by returning an incorrect value under certain conditions containing uncleaned residual data from the stack. For the SUID-root fusermount program, the vulnerability can be used to obtain sensitive information from process memory, for example, to obtain pointer information.
  • CVE-2021-3999: single byte buffer overflow in getcwd() function. The problem is caused by a bug that has been around since 1995. To call an overflow, in a separate mount point namespace, just call chdir() on the "/" directory.

Finally If you are interested in knowing more about it, you can check the details in the following link

The content of the article adheres to our principles of editorial ethics. To report an error click here.

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *



  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.