Search CVE reports
21 – 30 of 160 results
Some fixes available 10 of 11
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements...
2 affected packages
glibc, eglibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | Fixed | Fixed | Fixed | Fixed |
| eglibc | Not in release | Not in release | Not in release | Not in release |
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes...
2 affected packages
glibc, eglibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | Fixed | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |
Some fixes available 4 of 5
A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called...
2 affected packages
glibc, eglibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | Not affected | Fixed | Fixed | Fixed |
| eglibc | Not in release | Not in release | Not in release | Not in release |
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch...
2 affected packages
glibc, eglibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| glibc | Not affected | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected |
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected |
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected |
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
8 affected packages
eglibc, glibc, syslinux-legacy, dietlibc, sssd...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release |
| glibc | Ignored | Ignored | Ignored | Ignored |
| syslinux-legacy | Not in release | Not in release | Ignored | Ignored |
| dietlibc | Ignored | Ignored | Ignored | Ignored |
| sssd | Ignored | Ignored | Ignored | Ignored |
| syslinux | Ignored | Ignored | Ignored | Ignored |
| zabbix | Not in release | Ignored | Ignored | Ignored |
| uclibc | — | — | — | — |
Some fixes available 5 of 6
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed |
Some fixes available 1 of 2
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected |