Search CVE reports
41 – 50 of 143 results
CVE-2019-1010023
Low priority** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Ignored | Ignored | Ignored |
CVE-2006-7254
Medium priorityThe nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | — | Not in release | Not in release |
glibc | — | — | — | Not affected | Not affected |
CVE-2005-3590
Medium priorityThe getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | — | Not in release | Not in release |
glibc | — | — | — | Not affected | Not affected |
CVE-2019-9192
Negligible priority** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796....
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Not affected |
CVE-2019-9169
Low prioritySome fixes available 2 of 4
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Fixed | Fixed |
CVE-2018-20796
Negligible priorityIn the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Ignored | Ignored | Ignored |
CVE-2009-5155
Negligible prioritySome fixes available 1 of 7
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect...
3 affected packages
eglibc, glibc, gnulib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
gnulib | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2019-7309
Negligible priorityIn the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Ignored | Ignored |
CVE-2016-10739
Low priorityIn the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2019-6488
Negligible priorityThe string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Ignored | Ignored |