Search CVE reports
51 – 60 of 148 results
CVE-2019-6488
Negligible priorityThe string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Ignored | Ignored |
CVE-2018-19591
Medium prioritySome fixes available 1 of 2
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Not affected |
CVE-2018-11237
Medium prioritySome fixes available 2 of 3
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Fixed |
CVE-2018-11236
Medium prioritySome fixes available 3 of 4
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2017-18269
Medium prioritySome fixes available 1 of 2
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-6551
Medium priorityThe malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Not affected |
CVE-2018-6485
Medium prioritySome fixes available 2 of 3
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-1000001
High prioritySome fixes available 5 of 11
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
4 affected packages
dietlibc, eglibc, glibc, musl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dietlibc | — | — | — | Not affected | Not affected |
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Fixed |
| musl | — | — | — | Not affected | Fixed |
CVE-2017-16997
Low prioritySome fixes available 3 of 4
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-1000409
Low prioritySome fixes available 3 of 4
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |