Search CVE reports
151 – 157 of 157 results
Some fixes available 15 of 20
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to...
5 affected packages
bind9, dnsmasq, eglibc, glibc, python-dns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| bind9 | — | — | — | — |
| dnsmasq | — | — | — | — |
| eglibc | — | — | — | — |
| glibc | — | — | — | — |
| python-dns | — | — | — | — |
Some fixes available 4 of 5
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | — | — | — |
| glibc | — | — | — | — |
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI...
7 affected packages
gcc-4.3, glibc, linux, linux-source-2.6.15, linux-source-2.6.17...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gcc-4.3 | — | — | — | — |
| glibc | — | — | — | — |
| linux | — | — | — | — |
| linux-source-2.6.15 | — | — | — | — |
| linux-source-2.6.17 | — | — | — | — |
| linux-source-2.6.20 | — | — | — | — |
| linux-source-2.6.22 | — | — | — | — |
Some fixes available 1 of 4
Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that...
1 affected package
glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | — | — | — | — |
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
2 affected packages
glibc, eglibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | — | — | — | Not affected |
| eglibc | — | — | — | Not in release |
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | — | — | Not in release |
| glibc | — | — | — | Not affected |
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
1 affected package
glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | — | — | — | — |