Search CVE reports
51 – 60 of 143 results
CVE-2018-19591
Medium prioritySome fixes available 1 of 2
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Fixed | Not affected |
CVE-2018-11237
Medium prioritySome fixes available 2 of 3
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Fixed | Fixed |
CVE-2018-11236
Medium prioritySome fixes available 3 of 4
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2017-18269
Medium prioritySome fixes available 1 of 2
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-6551
Medium priorityThe malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | — | Not in release | Not in release |
glibc | — | — | — | Not affected | Not affected |
CVE-2018-6485
Medium prioritySome fixes available 2 of 3
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-1000001
High prioritySome fixes available 5 of 11
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
4 affected packages
dietlibc, eglibc, glibc, musl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dietlibc | — | — | — | Not affected | Not affected |
eglibc | — | — | — | Not in release | Not in release |
glibc | — | — | — | Not affected | Fixed |
musl | — | — | — | Not affected | Fixed |
CVE-2017-16997
Low prioritySome fixes available 3 of 4
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-1000409
Low prioritySome fixes available 3 of 4
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-1000408
Low prioritySome fixes available 3 of 4
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | — | Not in release | Not in release | Not in release |
glibc | — | — | Not affected | Not affected | Fixed |