Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 70 of 143 results


CVE-2017-17426

Medium priority
Fixed

The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release
glibc Not affected Not affected
Show less packages

CVE-2017-15804

Low priority

Some fixes available 3 of 4

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Not affected Not affected Fixed
Show less packages

CVE-2017-15671

Low priority
Vulnerable

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-15670

Low priority

Some fixes available 3 of 4

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Not affected Not affected Fixed
Show less packages

CVE-2011-5320

Low priority
Ignored

scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc
glibc
Show less packages

CVE-2017-12133

Low priority

Some fixes available 1 of 3

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-12132

Low priority

Some fixes available 1 of 3

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-1000366

Medium priority
Fixed

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release
glibc Fixed
Show less packages

CVE-2014-9984

Medium priority
Fixed

nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-8804

Medium priority
Ignored

** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release
glibc Not affected Not affected
Show less packages