Search CVE reports
11 – 20 of 144 results
CVE-2023-5156
Medium prioritySome fixes available 5 of 6
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Fixed | Not affected | Not affected | Not affected |
CVE-2023-4806
Low prioritySome fixes available 8 of 9
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2023-4527
Medium priorityA flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Not affected | Not affected | Not affected | Not affected |
CVE-2023-4813
Low prioritySome fixes available 4 of 5
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2015-20109
Medium priorityend_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-0687
Low priority** DISPUTED ** A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | Not in release | Not in release | Not in release | Not in release |
glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2023-25139
Medium prioritysprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | Not in release | Not in release | Not in release | Not in release |
glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-39046
Medium priorityAn issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | — | Not in release | Not in release | Not in release | Not in release |
glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2016-20013
Negligible prioritysha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
8 affected packages
dietlibc, eglibc, glibc, sssd, syslinux...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
dietlibc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
sssd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
syslinux | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
syslinux-legacy | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
uclibc | — | — | — | — | Ignored |
zabbix | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3999
Medium prioritySome fixes available 5 of 6
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Not affected | Not affected | Fixed | Fixed | Fixed |