Search CVE reports
61 – 70 of 149 results
CVE-2017-1000409
Low prioritySome fixes available 3 of 4
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-1000408
Low prioritySome fixes available 3 of 4
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-17426
Medium priorityThe malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Not affected |
CVE-2017-15804
Low prioritySome fixes available 3 of 4
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2017-15671
Low priorityThe glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2017-15670
Low prioritySome fixes available 3 of 4
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2011-5320
Low priorityscanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | — | — |
| glibc | — | — | — | — | — |
CVE-2017-12133
Low prioritySome fixes available 1 of 3
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2017-12132
Low prioritySome fixes available 1 of 3
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2017-1000366
Medium priorityglibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | — | Not in release |
| glibc | — | — | — | — | Fixed |