Search CVE reports
111 – 120 of 154 results
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted...
1 affected package
eglibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
Some fixes available 3 of 4
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
Some fixes available 4 of 6
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2)...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
Some fixes available 4 of 6
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash)...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of “0xffff” to the iconv function when converting...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
Some fixes available 5 of 8
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long...
2 affected packages
glibc, eglibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
glibc | — | — | — | — |
eglibc | — | — | — | — |
Some fixes available 5 of 8
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified “related functions” in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not “properly restrict the use of” the alloca function when allocating the SPECS array, which allows...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
eglibc | — | — | — | — |
glibc | — | — | — | — |
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE...
2 affected packages
glibc, eglibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
glibc | — | — | — | — |
eglibc | — | — | — | — |