Vulnerabilites related to gnu - glibc
CVE-2020-1751 (GCVE-0-2020-1751)
Vulnerability from cvelistv5
Published
2020-04-17 18:32
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200430-0002/"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "2.31"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200430-0002/"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc",
"version": {
"version_data": [
{
"version_value": "2.31"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.1/CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200430-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200430-0002/"
},
{
"name": "GLSA-202006-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-1751",
"datePublished": "2020-04-17T18:32:44",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29562 (GCVE-0-2020-29562)
Vulnerability from cvelistv5
Published
2020-12-04 06:48
Modified
2025-06-09 15:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
},
{
"name": "FEDORA-2021-6e581c051a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-29562",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:13:36.629969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617 Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:14:25.172Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-25T16:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
},
{
"name": "FEDORA-2021-6e581c051a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29562",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
},
{
"name": "FEDORA-2021-6e581c051a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210122-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29562",
"datePublished": "2020-12-04T06:48:23.000Z",
"dateReserved": "2020-12-04T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:14:25.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12132 (GCVE-0-2017-12132)
Vulnerability from cvelistv5
Published
2017-08-01 16:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://arxiv.org/pdf/1205.4011.pdf"
},
{
"name": "100598",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100598"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-03T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://arxiv.org/pdf/1205.4011.pdf"
},
{
"name": "100598",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100598"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://arxiv.org/pdf/1205.4011.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/1205.4011.pdf"
},
{
"name": "100598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100598"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361"
},
{
"name": "RHSA-2018:0805",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12132",
"datePublished": "2017-08-01T16:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3706 (GCVE-0-2016-3706)
Vulnerability from cvelistv5
Published
2016-06-10 15:00
Modified
2024-08-06 00:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9"
},
{
"name": "88440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/88440"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20010"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "102073",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-07T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9"
},
{
"name": "88440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/88440"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20010"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "102073",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102073"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3706",
"datePublished": "2016-06-10T15:00:00",
"dateReserved": "2016-03-30T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3192 (GCVE-0-2010-3192)
Vulnerability from cvelistv5
Published
2010-10-12 21:00
Modified
2024-09-16 16:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/3"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/5"
},
{
"name": "20100427 Fun with FORTIFY_SOURCE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Apr/399"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/2"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/7"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/4"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/6"
},
{
"name": "[oss-security] 20100825 CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-10-12T21:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/3"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/5"
},
{
"name": "20100427 Fun with FORTIFY_SOURCE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Apr/399"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/2"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/7"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/4"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/6"
},
{
"name": "[oss-security] 20100825 CVE id request: libc fortify source information disclosure",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/3"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/5"
},
{
"name": "20100427 Fun with FORTIFY_SOURCE",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Apr/399"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/2"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/7"
},
{
"name": "[oss-security] 20100902 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/4"
},
{
"name": "[oss-security] 20100831 Re: CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/6"
},
{
"name": "[oss-security] 20100825 CVE id request: libc fortify source information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3192",
"datePublished": "2010-10-12T21:00:00Z",
"dateReserved": "2010-08-31T00:00:00Z",
"dateUpdated": "2024-09-16T16:17:25.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0475 (GCVE-0-2014-0475)
Vulnerability from cvelistv5
Published
2014-07-29 14:00
Modified
2024-08-06 09:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:20:17.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2976",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2976"
},
{
"name": "68505",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68505"
},
{
"name": "1030569",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030569"
},
{
"name": "RHSA-2014:1110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"name": "[oss-security] 20140714 Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/6"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137"
},
{
"name": "[oss-security] 20140710 CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/10/7"
},
{
"name": "MDVSA-2014:152",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-2976",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2976"
},
{
"name": "68505",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68505"
},
{
"name": "1030569",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030569"
},
{
"name": "RHSA-2014:1110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"name": "[oss-security] 20140714 Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/6"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137"
},
{
"name": "[oss-security] 20140710 CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/10/7"
},
{
"name": "MDVSA-2014:152",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-0475",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2976",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2976"
},
{
"name": "68505",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68505"
},
{
"name": "1030569",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030569"
},
{
"name": "RHSA-2014:1110",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"name": "[oss-security] 20140714 Re: CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/6"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137"
},
{
"name": "[oss-security] 20140710 CVE-2014-0475: glibc directory traversal in LC_* locale handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/10/7"
},
{
"name": "MDVSA-2014:152",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2015-0092.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-0475",
"datePublished": "2014-07-29T14:00:00",
"dateReserved": "2013-12-19T00:00:00",
"dateUpdated": "2024-08-06T09:20:17.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-7254 (GCVE-0-2006-7254)
Vulnerability from cvelistv5
Published
2019-04-10 19:52
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:40.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-10T19:52:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7254",
"datePublished": "2019-04-10T19:52:58",
"dateReserved": "2019-04-10T00:00:00",
"dateUpdated": "2024-08-07T20:57:40.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9169 (GCVE-0-2019-9169)
Vulnerability from cvelistv5
Published
2019-02-26 02:00
Modified
2024-08-04 21:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:38:46.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K54823184"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:20:46",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "107160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K54823184"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107160"
},
{
"name": "GLSA-202006-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9",
"refsource": "MISC",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190315-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140"
},
{
"name": "https://support.f5.com/csp/article/K54823184",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K54823184"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9169",
"datePublished": "2019-02-26T02:00:00",
"dateReserved": "2019-02-25T00:00:00",
"dateUpdated": "2024-08-04T21:38:46.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1095 (GCVE-0-2011-1095)
Vulnerability from cvelistv5
Published
2011-04-10 01:29
Modified
2024-08-06 22:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625893"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "[oss-security] 20110308 glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43830"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330923"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "oval:org.mitre.oval:def:12272",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272"
},
{
"name": "43976",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43976"
},
{
"name": "[oss-security] 20110308 Re: glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11904"
},
{
"name": "[oss-security] 20110308 Re: glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/22"
},
{
"name": "1025286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025286"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625893"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "[oss-security] 20110308 glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43830"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330923"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "oval:org.mitre.oval:def:12272",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272"
},
{
"name": "43976",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43976"
},
{
"name": "[oss-security] 20110308 Re: glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11904"
},
{
"name": "[oss-security] 20110308 Re: glibc locale escaping issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/22"
},
{
"name": "1025286",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025286"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1095",
"datePublished": "2011-04-10T01:29:00",
"dateReserved": "2011-02-24T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4911 (GCVE-0-2023-4911)
Vulnerability from cvelistv5
Published
2023-10-03 17:25
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► |
Version: 2.34 < 2.39 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:44:52.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/05/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/6"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5454"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:5476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5476"
},
{
"name": "RHSA-2024:0033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0033"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4911"
},
{
"name": "RHBZ#2238352",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231013-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5514"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/cve-2023-4911/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4911",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-22T16:37:43.161550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-11-21",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4911"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:15.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2023-11-21T00:00:00+00:00",
"value": "CVE-2023-4911 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://sourceware.org/git/glibc.git",
"defaultStatus": "unaffected",
"packageName": "glibc",
"versions": [
{
"lessThan": "2.39",
"status": "affected",
"version": "2.34",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhel_eus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.6.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream",
"cpe:/o:redhat:rhel_eus:9.0::baseos",
"cpe:/a:redhat:rhel_eus:9.0::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-28.el9_0.4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhel_eus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.6.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhev_hypervisor:4.4::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-release-virtualization-host",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.5.3-10.el8ev",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhev_hypervisor:4.4::el8"
],
"defaultStatus": "affected",
"packageName": "redhat-virtualization-host",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.5.3-202312060823_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"datePublic": "2023-10-03T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T19:48:05.645Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBA-2024:2413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5454"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:5476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5476"
},
{
"name": "RHSA-2024:0033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0033"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4911"
},
{
"name": "RHBZ#2238352",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
},
{
"url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
},
{
"url": "https://www.qualys.com/cve-2023-4911/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-04T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-03T17:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: buffer overflow in ld.so leading to privilege escalation",
"workarounds": [
{
"lang": "en",
"value": "For customers who cannot update immediately and do not have Secure Boot feature enabled, the issue can be mitigated using the provided SystemTap script with the following steps. When enabled, any setuid program invoked with GLIBC_TUNABLES in the environment will be terminated immediately. To invoke the setuid program, users will then have to unset or clear the GLIBC_TUNABLES envvar, e.g. `GLIBC_TUNABLES= sudo` . \n\nNote that these mitigation steps will need to be repeated if the system is rebooted.\n\n1) Install required systemtap packages and dependencies as per - https://access.redhat.com/solutions/5441\n\n\n2) Create the following systemtap script, and name it stap_block_suid_tunables.stp:\n ~~~\nfunction has_tunable_string:long()\n{\n name = \"GLIBC_TUNABLES\"\n\n mm = @task(task_current())-\u003emm;\n if (mm)\n {\n env_start = @mm(mm)-\u003eenv_start;\n env_end = @mm(mm)-\u003eenv_end;\n\n if (env_start != 0 \u0026\u0026 env_end != 0)\n while (env_end \u003e env_start)\n {\n cur = user_string(env_start, \"\");\n env_name = tokenize(cur, \"=\");\n \n if (env_name == name \u0026\u0026 tokenize(\"\", \"\") != \"\")\n return 1;\n env_start += strlen (cur) + 1\n }\n }\n\n return 0;\n}\n\nprobe process(\"/lib*/ld*.so*\").function(\"__tunables_init\")\n{\n atsecure = 0;\n /* Skip processing if we can\u0027t read __libc_enable_secure, e.g. core dump\n handler (systemd-cgroups-agent and systemd-coredump). */\n try { atsecure = @var(\"__libc_enable_secure\"); }\n catch { printk (4, sprintf (\"CVE-2023-4911: Skipped check: %s (%d)\", execname(), pid())); }\n if (atsecure \u0026\u0026 has_tunable_string ())\n raise (9);\n}\n~~~\n\n3) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_block_suid_tunables stap_block_suid_tunables.stp\n ~~~\n\n4) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_block_suid_tunables\nstap_block_suid_tunables 249856 0\n~~~\n\n5) Once the glibc package is updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_block_suid_tunables\n ~~~\n\nIf Secure Boot is enabled on a system, the SystemTap module must be signed. An external compiling server can be used to sign the generated kernel module with a key enrolled into the kernel\u0027s keyring or starting with SystemTap 4.7 you can sign a module without a compile server. See further information here - https://www.redhat.com/sysadmin/secure-boot-systemtap"
}
],
"x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4911",
"datePublished": "2023-10-03T17:25:08.434Z",
"dateReserved": "2023-09-12T13:10:32.495Z",
"dateUpdated": "2025-07-30T01:37:15.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010022 (GCVE-0-2019-1010022)
Vulnerability from cvelistv5
Published
2019-07-15 03:00
Modified
2024-11-15 15:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Mitigation bypass
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GNU C Library | glibc |
Version: current (At least as of 2018-02-16) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"name": "CVE-2019-1010022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"name": "CVE-2019-1010022",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2019-1010022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-1010022",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-24T16:01:23.968883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:04:27.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "GNU C Library",
"versions": [
{
"status": "affected",
"version": "current (At least as of 2018-02-16)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Mitigation bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-10T16:12:20",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"name": "CVE-2019-1010022",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"name": "CVE-2019-1010022",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://ubuntu.com/security/CVE-2019-1010022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc",
"version": {
"version_data": [
{
"version_value": "current (At least as of 2018-02-16)"
}
]
}
}
]
},
"vendor_name": "GNU C Library"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mitigation bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"name": "CVE-2019-1010022",
"refsource": "DEBIAN",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"name": "CVE-2019-1010022",
"refsource": "UBUNTU",
"url": "https://ubuntu.com/security/CVE-2019-1010022"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010022",
"datePublished": "2019-07-15T03:00:51",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-11-15T15:04:27.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33599 (GCVE-0-2024-33599)
Vulnerability from cvelistv5
Published
2024-05-06 19:21
Modified
2025-03-26 20:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The GNU C Library | glibc |
Version: 2.15 < 2.40 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-29T19:01:02.703174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T20:40:00.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "The GNU C Library",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "nscd: Stack-based buffer overflow in netgroup cache\u003cbr\u003e\u003cbr\u003eIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\u003cbr\u003eby client requests then a subsequent client request for netgroup data\u003cbr\u003emay result in a stack-based buffer overflow. This flaw was introduced\u003cbr\u003ein glibc 2.15 when the cache was added to nscd.\u003cbr\u003e\u003cbr\u003eThis vulnerability is only present in the nscd binary.\u003cbr\u003e"
}
],
"value": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:06:10.829Z",
"orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"shortName": "glibc"
},
"references": [
{
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0011/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "nscd: Stack-based buffer overflow in netgroup cache",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"assignerShortName": "glibc",
"cveId": "CVE-2024-33599",
"datePublished": "2024-05-06T19:21:54.314Z",
"dateReserved": "2024-04-24T20:35:08.340Z",
"dateUpdated": "2025-03-26T20:40:00.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4412 (GCVE-0-2013-4412)
Vulnerability from cvelistv5
Published
2019-11-04 12:44
Modified
2024-08-06 16:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- ptr dereference
Summary
slim has NULL pointer dereference when using crypt() method from glibc 2.17
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:12.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4412"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62906"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "slim",
"vendor": "slim",
"versions": [
{
"status": "affected",
"version": "\u003c 1.3.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "slim has NULL pointer dereference when using crypt() method from glibc 2.17"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "ptr dereference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T12:44:54",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4412"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/62906"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "slim",
"version": {
"version_data": [
{
"version_value": "\u003c 1.3.6"
}
]
}
}
]
},
"vendor_name": "slim"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "slim has NULL pointer dereference when using crypt() method from glibc 2.17"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ptr dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4412",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
},
{
"name": "https://access.redhat.com/security/cve/cve-2013-4412",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2013-4412"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/10/09/6",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
},
{
"name": "http://www.securityfocus.com/bid/62906",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/62906"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4412",
"datePublished": "2019-11-04T12:44:54",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:45:12.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3480 (GCVE-0-2012-3480)
Vulnerability from cvelistv5
Published
2012-08-25 10:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120813 CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/4"
},
{
"name": "FEDORA-2012-11927",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html"
},
{
"name": "84710",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/84710"
},
{
"name": "54982",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54982"
},
{
"name": "[oss-security] 20120813 Re: CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/6"
},
{
"name": "RHSA-2012:1325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1325.html"
},
{
"name": "[libc-alpha] 20120812 Fix strtod integer/buffer overflow (bug 14459)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14459"
},
{
"name": "RHSA-2012:1262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1262.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1207.html"
},
{
"name": "1027374",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027374"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "50201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50201"
},
{
"name": "50422",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50422"
},
{
"name": "RHSA-2012:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1208.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified \"related functions\" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120813 CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/4"
},
{
"name": "FEDORA-2012-11927",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html"
},
{
"name": "84710",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/84710"
},
{
"name": "54982",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54982"
},
{
"name": "[oss-security] 20120813 Re: CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/6"
},
{
"name": "RHSA-2012:1325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1325.html"
},
{
"name": "[libc-alpha] 20120812 Fix strtod integer/buffer overflow (bug 14459)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14459"
},
{
"name": "RHSA-2012:1262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1262.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1207.html"
},
{
"name": "1027374",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027374"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "50201",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50201"
},
{
"name": "50422",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50422"
},
{
"name": "RHSA-2012:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1208.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3480",
"datePublished": "2012-08-25T10:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8984 (GCVE-0-2015-8984)
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72789",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72789"
},
{
"name": "[oss-security] 20150226 CVE request: glibc: potential application crash due to overread in fnmatch",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-20T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72789",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72789"
},
{
"name": "[oss-security] 20150226 CVE request: glibc: potential application crash due to overread in fnmatch",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72789"
},
{
"name": "[oss-security] 20150226 CVE request: glibc: potential application crash due to overread in fnmatch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/5"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4a28f4d55a6cc33474c0792fe93b5942d81bf185",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4a28f4d55a6cc33474c0792fe93b5942d81bf185"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8984",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2017-02-14T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10228 (GCVE-0-2016-10228)
Vulnerability from cvelistv5
Published
2017-03-02 00:00
Modified
2024-08-06 03:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96525",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96525"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519"
},
{
"tags": [
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2017/03/01/10"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96525",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/96525"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519"
},
{
"url": "http://openwall.com/lists/oss-security/2017/03/01/10"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10228",
"datePublished": "2017-03-02T00:00:00",
"dateReserved": "2017-03-01T00:00:00",
"dateUpdated": "2024-08-06T03:14:42.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4881 (GCVE-0-2009-4881)
Vulnerability from cvelistv5
Published
2010-06-01 20:00
Modified
2024-08-07 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:26.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "gnuclibrary-vstrfmonl-overflow(59241)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59241"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "gnuclibrary-vstrfmonl-overflow(59241)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59241"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:111",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "gnuclibrary-vstrfmonl-overflow(59241)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59241"
},
{
"name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=153aa31b93be22e01b236375fb02a9f9b9a0195f",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=153aa31b93be22e01b236375fb02a9f9b9a0195f"
},
{
"name": "DSA-2058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4881",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-06-01T00:00:00",
"dateUpdated": "2024-08-07T07:17:26.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7309 (GCVE-0-2019-7309)
Vulnerability from cvelistv5
Published
2019-02-03 02:00
Modified
2024-08-04 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106835",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106835"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202006-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-13T02:06:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "106835",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106835"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202006-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106835"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155"
},
{
"name": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html",
"refsource": "MISC",
"url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html"
},
{
"name": "GLSA-202006-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202006-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7309",
"datePublished": "2019-02-03T02:00:00",
"dateReserved": "2019-02-02T00:00:00",
"dateUpdated": "2024-08-04T20:46:46.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23219 (GCVE-0-2022-23219)
Vulnerability from cvelistv5
Published
2022-01-14 00:00
Modified
2025-05-05 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23219",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:31:40.909589Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:27:25.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23219",
"datePublished": "2022-01-14T00:00:00.000Z",
"dateReserved": "2022-01-14T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:27:25.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4802 (GCVE-0-2025-4802)
Vulnerability from cvelistv5
Published
2025-05-16 19:32
Modified
2025-07-26 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-426 - Untrusted Search Path
Summary
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The GNU C Library | glibc |
Version: 2.27 < 2.39 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-05-17T08:03:25.762Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/05/16/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/05/17/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-4802",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-26T03:55:53.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "The GNU C Library",
"versions": [
{
"lessThan": "2.39",
"status": "affected",
"version": "2.27",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-05-16T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo)."
}
],
"value": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo)."
}
],
"impacts": [
{
"capecId": "CAPEC-13",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-13 Subverting Environment Variable Values"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T19:32:50.586Z",
"orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"shortName": "glibc"
},
"references": [
{
"url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"assignerShortName": "glibc",
"cveId": "CVE-2025-4802",
"datePublished": "2025-05-16T19:32:50.586Z",
"dateReserved": "2025-05-15T21:32:45.284Z",
"dateUpdated": "2025-07-26T03:55:53.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0859 (GCVE-0-2003-0859)
Vulnerability from cvelistv5
Published
2003-11-18 05:00
Modified
2024-08-08 02:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11337",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337"
},
{
"name": "RHSA-2003:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
},
{
"name": "RHSA-2003:334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-334.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11337",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337"
},
{
"name": "RHSA-2003:325",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
},
{
"name": "RHSA-2003:334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-334.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11337",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337"
},
{
"name": "RHSA-2003:325",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
},
{
"name": "RHSA-2003:334",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-334.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0859",
"datePublished": "2003-11-18T05:00:00",
"dateReserved": "2003-10-10T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8777 (GCVE-0-2015-8777)
Vulnerability from cvelistv5
Published
2016-01-20 02:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:21.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "81469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/81469"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18928"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "1034811",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "81469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/81469"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18928"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "1034811",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034811"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-8777",
"datePublished": "2016-01-20T02:00:00",
"dateReserved": "2016-01-19T00:00:00",
"dateUpdated": "2024-08-06T08:29:21.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39046 (GCVE-0-2022-39046)
Vulnerability from cvelistv5
Published
2022-08-31 00:00
Modified
2024-08-03 11:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29536"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0002/"
},
{
"name": "GLSA-202310-03",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"name": "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-04T09:07:02.022766",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29536"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221104-0002/"
},
{
"name": "GLSA-202310-03",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"name": "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"name": "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"name": "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc\u0027s syslog()",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-39046",
"datePublished": "2022-08-31T00:00:00",
"dateReserved": "2022-08-31T00:00:00",
"dateUpdated": "2024-08-03T11:10:32.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33600 (GCVE-0-2024-33600)
Vulnerability from cvelistv5
Published
2024-05-06 19:22
Modified
2025-03-27 14:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-476 - NULL Pointer Dereference
Summary
nscd: Null pointer crashes after notfound response
If the Name Service Cache Daemon's (nscd) cache fails to add a not-found
netgroup response to the cache, the client request can result in a null
pointer dereference. This flaw was introduced in glibc 2.15 when the
cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The GNU C Library | glibc |
Version: 2.15 < 2.40 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-07T19:13:16.760599Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T14:41:14.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0013/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "The GNU C Library",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003enscd: Null pointer crashes after notfound response\u003cbr\u003e\u003cbr\u003eIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\u003cbr\u003enetgroup response to the cache, the client request can result in a null\u003cbr\u003epointer dereference. This flaw was introduced in glibc 2.15 when the\u003cbr\u003ecache was added to nscd.\u003cbr\u003e\u003cbr\u003eThis vulnerability is only present in the nscd binary.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:06:08.949Z",
"orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"shortName": "glibc"
},
"references": [
{
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0013/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "nscd: Null pointer crashes after notfound response",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"assignerShortName": "glibc",
"cveId": "CVE-2024-33600",
"datePublished": "2024-05-06T19:22:02.726Z",
"dateReserved": "2024-04-24T20:35:08.340Z",
"dateUpdated": "2025-03-27T14:41:14.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9402 (GCVE-0-2014-9402)
Vulnerability from cvelistv5
Published
2015-02-24 15:00
Modified
2024-08-06 13:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:25.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17630"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "[oss-security] 20141217 Re: CVE request: glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/1"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "71670",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71670"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:06",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17630"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "[oss-security] 20141217 Re: CVE request: glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/1"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "71670",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71670"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9402",
"datePublished": "2015-02-24T15:00:00",
"dateReserved": "2014-12-17T00:00:00",
"dateUpdated": "2024-08-06T13:40:25.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3406 (GCVE-0-2012-3406)
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"name": "RHSA-2012:1097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "RHSA-2012:1185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"name": "RHSA-2012:1097",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "RHSA-2012:1185",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3406",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3856 (GCVE-0-2010-3856)
Vulnerability from cvelistv5
Published
2011-01-07 18:00
Modified
2025-02-13 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101022 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/344"
},
{
"name": "44347",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44347"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100121017"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645672"
},
{
"name": "RHSA-2010:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "44025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"name": "DSA-2122",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"name": "USN-1009-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"name": "[libc-hacker] 20101022 [PATCH] Require suid bit on audit objects in privileged programs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html"
},
{
"name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"name": "MDVSA-2010:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:212"
},
{
"name": "42787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42787"
},
{
"name": "ADV-2011-0025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"name": "RHSA-2010:0793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0793.html"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/9"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jul/31"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/07/20/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-20T11:06:13.916Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20101022 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/344"
},
{
"name": "44347",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44347"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100121017"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645672"
},
{
"name": "RHSA-2010:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "44025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"name": "DSA-2122",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"name": "USN-1009-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"name": "[libc-hacker] 20101022 [PATCH] Require suid bit on audit objects in privileged programs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html"
},
{
"name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"name": "MDVSA-2010:212",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:212"
},
{
"name": "42787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42787"
},
{
"name": "ADV-2011-0025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"name": "RHSA-2010:0793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0793.html"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/9"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/31"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/20/1"
},
{
"url": "http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3856",
"datePublished": "2011-01-07T18:00:00.000Z",
"dateReserved": "2010-10-08T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:27:09.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0199 (GCVE-0-1999-0199)
Vulnerability from cvelistv5
Published
2020-10-06 12:49
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cee.studio/tdelete.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree\u0027s root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-06T12:49:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cee.studio/tdelete.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree\u0027s root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cee.studio/tdelete.html",
"refsource": "MISC",
"url": "https://www.cee.studio/tdelete.html"
},
{
"name": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40",
"refsource": "MISC",
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"name": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz",
"refsource": "MISC",
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0199",
"datePublished": "2020-10-06T12:49:43",
"dateReserved": "2020-10-06T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-20109 (GCVE-0-2015-20109)
Vulnerability from cvelistv5
Published
2023-06-25 00:00
Modified
2024-11-27 19:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:58:26.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18036"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230731-0009/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2015-20109",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-27T19:50:07.473195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-27T19:50:15.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18036"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230731-0009/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-20109",
"datePublished": "2023-06-25T00:00:00",
"dateReserved": "2023-06-25T00:00:00",
"dateUpdated": "2024-11-27T19:50:15.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7817 (GCVE-0-2014-7817)
Vulnerability from cvelistv5
Published
2014-11-24 15:00
Modified
2024-08-06 13:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:03:26.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20141120 CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q4/730"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"name": "[libc-alpha] 20141119 [COMMITTED] CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html"
},
{
"name": "RHSA-2014:2023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-2023.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "71216",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71216"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "62100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62100"
},
{
"name": "gnu-glibc-cve20147817-command-exec(98852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98852"
},
{
"name": "62146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62146"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17625"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing \"$((`...`))\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20141120 CVE-2014-7817 glibc: command execution in wordexp() with WRDE_NOCMD specified",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q4/730"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"name": "[libc-alpha] 20141119 [COMMITTED] CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html"
},
{
"name": "RHSA-2014:2023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-2023.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "71216",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71216"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "62100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62100"
},
{
"name": "gnu-glibc-cve20147817-command-exec(98852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98852"
},
{
"name": "62146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62146"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17625"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-7817",
"datePublished": "2014-11-24T15:00:00",
"dateReserved": "2014-10-03T00:00:00",
"dateUpdated": "2024-08-06T13:03:26.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4756 (GCVE-0-2010-4756)
Vulnerability from cvelistv5
Published
2011-03-02 19:00
Modified
2024-08-07 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T11:02:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"name": "http://securityreason.com/exploitalert/9223",
"refsource": "MISC",
"url": "http://securityreason.com/exploitalert/9223"
},
{
"name": "http://cxib.net/stuff/glob-0day.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=681681",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4756",
"datePublished": "2011-03-02T19:00:00",
"dateReserved": "2011-03-02T00:00:00",
"dateUpdated": "2024-08-07T03:55:35.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17426 (GCVE-0-2017-17426)
Vulnerability from cvelistv5
Published
2017-12-05 17:00
Modified
2024-09-16 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-05T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17426",
"datePublished": "2017-12-05T17:00:00Z",
"dateReserved": "2017-12-05T00:00:00Z",
"dateUpdated": "2024-09-16T16:32:49.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1752 (GCVE-0-2020-1752)
Vulnerability from cvelistv5
Published
2020-04-30 00:00
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200511-0005/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "GNU Libc",
"versions": [
{
"status": "affected",
"version": "Affected: versions 2.14 and later"
},
{
"status": "affected",
"version": "Fixed: version 2.32"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c"
},
{
"url": "https://security.netapp.com/advisory/ntap-20200511-0005/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-1752",
"datePublished": "2020-04-30T00:00:00",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1659 (GCVE-0-2011-1659)
Vulnerability from cvelistv5
Published
2011-04-08 15:00
Modified
2024-08-06 22:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:24.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "44353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44353"
},
{
"name": "1025450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025450"
},
{
"name": "gnuclibrary-fnmatch-dos(66819)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"name": "MDVSA-2011:179",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "44353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44353"
},
{
"name": "1025450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025450"
},
{
"name": "gnuclibrary-fnmatch-dos(66819)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"name": "MDVSA-2011:179",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=681054",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
},
{
"name": "44353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44353"
},
{
"name": "1025450",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025450"
},
{
"name": "gnuclibrary-fnmatch-dos(66819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
},
{
"name": "MDVSA-2011:178",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html",
"refsource": "MISC",
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=48733",
"refsource": "MISC",
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"name": "MDVSA-2011:179",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1659",
"datePublished": "2011-04-08T15:00:00",
"dateReserved": "2011-04-08T00:00:00",
"dateUpdated": "2024-08-06T22:37:24.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0824 (GCVE-0-2000-0824)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "glibc-ld-unsetenv(5173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5173"
},
{
"name": "19990917 A few bugs...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93760201002154\u0026w=2"
},
{
"name": "20000924 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000906 [slackware-security]: glibc 2.1.3 vulnerabilities patched",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html"
},
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "MDKSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "1639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1639"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000831 glibc unsetenv bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/79537"
},
{
"name": "20000905 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html"
},
{
"name": "648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/648"
},
{
"name": "CSSA-2000-028.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt"
},
{
"name": "MDKSA-2000:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "glibc-ld-unsetenv(5173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5173"
},
{
"name": "19990917 A few bugs...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93760201002154\u0026w=2"
},
{
"name": "20000924 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000906 [slackware-security]: glibc 2.1.3 vulnerabilities patched",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html"
},
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "MDKSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "1639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1639"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000831 glibc unsetenv bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/79537"
},
{
"name": "20000905 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html"
},
{
"name": "648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/648"
},
{
"name": "CSSA-2000-028.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt"
},
{
"name": "MDKSA-2000:040",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "glibc-ld-unsetenv(5173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5173"
},
{
"name": "19990917 A few bugs...",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93760201002154\u0026w=2"
},
{
"name": "20000924 glibc locale security problem",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000906 [slackware-security]: glibc 2.1.3 vulnerabilities patched",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html"
},
{
"name": "RHSA-2000:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "MDKSA-2000:045",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "1639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1639"
},
{
"name": "TLSA2000020-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000831 glibc unsetenv bug",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/79537"
},
{
"name": "20000905 Conectiva Linux Security Announcement - glibc",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html"
},
{
"name": "648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/648"
},
{
"name": "CSSA-2000-028.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt"
},
{
"name": "MDKSA-2000:040",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0824",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-10-15T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5156 (GCVE-0-2023-5156)
Vulnerability from cvelistv5
Published
2023-09-25 15:55
Modified
2025-01-10 22:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Summary
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5156"
},
{
"name": "RHBZ#2240541",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240541"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Romain Geissler for reporting this issue."
}
],
"datePublic": "2023-09-25T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T22:20:04.399Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5156"
},
{
"name": "RHBZ#2240541",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240541"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884"
},
{
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-25T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-09-25T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: dos due to memory leak in getaddrinfo.c",
"x_redhatCweChain": "CWE-401: Missing Release of Memory after Effective Lifetime"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-5156",
"datePublished": "2023-09-25T15:55:15.558Z",
"dateReserved": "2023-09-25T07:15:13.621Z",
"dateUpdated": "2025-01-10T22:20:04.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000409 (GCVE-0-2017-1000409)
Vulnerability from cvelistv5
Published
2018-02-01 04:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43331",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-12-05T00:00:00",
"datePublic": "2018-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-04T10:06:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43331",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-05",
"ID": "CVE-2017-1000409",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43331",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000409",
"datePublished": "2018-02-01T04:00:00",
"dateReserved": "2017-12-05T00:00:00",
"dateUpdated": "2024-08-05T22:00:39.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0968 (GCVE-0-2004-0968)
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:38:58.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "oval:org.mitre.oval:def:9523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "script-temporary-file-overwrite(17583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "11286",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11286"
},
{
"name": "USN-4-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-4-1/"
},
{
"name": "GLSA-200410-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200410-19.xml"
},
{
"name": "2004-0050",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318"
},
{
"name": "RHSA-2004:586",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-586.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "oval:org.mitre.oval:def:9523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "script-temporary-file-overwrite(17583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "11286",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11286"
},
{
"name": "USN-4-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-4-1/"
},
{
"name": "GLSA-200410-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200410-19.xml"
},
{
"name": "2004-0050",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318"
},
{
"name": "RHSA-2004:586",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-586.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-636",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "oval:org.mitre.oval:def:9523",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523"
},
{
"name": "RHSA-2005:261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "script-temporary-file-overwrite(17583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "11286",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11286"
},
{
"name": "USN-4-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-4-1/"
},
{
"name": "GLSA-200410-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200410-19.xml"
},
{
"name": "2004-0050",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318"
},
{
"name": "RHSA-2004:586",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-586.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0968",
"datePublished": "2004-10-20T04:00:00",
"dateReserved": "2004-10-19T00:00:00",
"dateUpdated": "2024-08-08T00:38:58.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23218 (GCVE-0-2022-23218)
Vulnerability from cvelistv5
Published
2022-01-14 00:00
Modified
2025-05-05 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23218",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:31:43.227591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:27:38.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23218",
"datePublished": "2022-01-14T00:00:00.000Z",
"dateReserved": "2022-01-14T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:27:38.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19126 (GCVE-0-2019-19126)
Vulnerability from cvelistv5
Published
2019-11-19 00:00
Modified
2024-08-05 02:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204"
},
{
"name": "FEDORA-2020-1a3bdfde17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/"
},
{
"name": "FEDORA-2020-c32e4b271c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204"
},
{
"name": "FEDORA-2020-1a3bdfde17",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/"
},
{
"name": "FEDORA-2020-c32e4b271c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19126",
"datePublished": "2019-11-19T00:00:00",
"dateReserved": "2019-11-19T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1000001 (GCVE-0-2018-1000001)
Vulnerability from cvelistv5
Published
2018-01-31 14:00
Modified
2024-08-05 12:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:33:48.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20180111 Libc Realpath Buffer Underflow CVE-2018-1000001",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2018/q1/38"
},
{
"name": "USN-3534-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3534-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/"
},
{
"name": "102525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102525"
},
{
"name": "44889",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44889/"
},
{
"name": "43775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43775/"
},
{
"name": "USN-3536-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3536-1/"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"name": "1040162",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040162"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-04T10:06:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20180111 Libc Realpath Buffer Underflow CVE-2018-1000001",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2018/q1/38"
},
{
"name": "USN-3534-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3534-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/"
},
{
"name": "102525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102525"
},
{
"name": "44889",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44889/"
},
{
"name": "43775",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43775/"
},
{
"name": "USN-3536-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3536-1/"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"name": "1040162",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040162"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-1000001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20180111 Libc Realpath Buffer Underflow CVE-2018-1000001",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2018/q1/38"
},
{
"name": "USN-3534-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3534-1/"
},
{
"name": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/",
"refsource": "MISC",
"url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/"
},
{
"name": "102525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102525"
},
{
"name": "44889",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44889/"
},
{
"name": "43775",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43775/"
},
{
"name": "USN-3536-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3536-1/"
},
{
"name": "RHSA-2018:0805",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"name": "1040162",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040162"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000001",
"datePublished": "2018-01-31T14:00:00",
"dateReserved": "2018-01-16T00:00:00",
"dateUpdated": "2024-08-05T12:33:48.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0296 (GCVE-0-2010-0296)
Vulnerability from cvelistv5
Published
2010-06-01 20:00
Modified
2024-08-07 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559579"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39900"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43830"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "1024043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024043"
},
{
"name": "gnuclibrary-encodenamemacro-dos(59240)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-13T20:06:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559579"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39900"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43830"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "1024043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024043"
},
{
"name": "gnuclibrary-encodenamemacro-dos(59240)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0296",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-01-12T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1382 (GCVE-0-2004-1382)
Vulnerability from cvelistv5
Published
2005-02-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "MDKSA-2004:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:159"
},
{
"name": "20041028 [USN-4-1] Standard C library script vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109899903129801\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "MDKSA-2004:159",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:159"
},
{
"name": "20041028 [USN-4-1] Standard C library script vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109899903129801\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-636",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"name": "RHSA-2005:261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "MDKSA-2004:159",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:159"
},
{
"name": "20041028 [USN-4-1] Standard C library script vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109899903129801\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1382",
"datePublished": "2005-02-06T05:00:00",
"dateReserved": "2005-01-28T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5417 (GCVE-0-2016-5417)
Vulnerability from cvelistv5
Published
2017-02-16 18:00
Modified
2024-08-06 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257"
},
{
"name": "92257",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92257"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7"
},
{
"name": "[oss-security] 20160802 glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/02/5"
},
{
"name": "[libc-alpha] 20160804 The GNU C Library version 2.24 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257"
},
{
"name": "92257",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92257"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7"
},
{
"name": "[oss-security] 20160802 glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/02/5"
},
{
"name": "[libc-alpha] 20160804 The GNU C Library version 2.24 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5417",
"datePublished": "2017-02-16T18:00:00",
"dateReserved": "2016-06-10T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0684 (GCVE-0-2002-0684)
Vulnerability from cvelistv5
Published
2002-07-31 04:00
Modified
2024-08-08 02:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2002:050",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php"
},
{
"name": "CLSA-2002:507",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000507"
},
{
"name": "VU#542971",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/542971"
},
{
"name": "20020704 Re: Remote buffer overflow in resolver code of libc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102581482511612\u0026w=2"
},
{
"name": "RHSA-2002:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-139.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2002:050",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php"
},
{
"name": "CLSA-2002:507",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000507"
},
{
"name": "VU#542971",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/542971"
},
{
"name": "20020704 Re: Remote buffer overflow in resolver code of libc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102581482511612\u0026w=2"
},
{
"name": "RHSA-2002:139",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-139.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2002:050",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php"
},
{
"name": "CLSA-2002:507",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000507"
},
{
"name": "VU#542971",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542971"
},
{
"name": "20020704 Re: Remote buffer overflow in resolver code of libc",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102581482511612\u0026w=2"
},
{
"name": "RHSA-2002:139",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2002-139.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0684",
"datePublished": "2002-07-31T04:00:00",
"dateReserved": "2002-07-11T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-25013 (GCVE-0-2019-25013)
Vulnerability from cvelistv5
Published
2021-01-04 00:00
Modified
2025-06-09 15:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:18.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b"
},
{
"name": "FEDORA-2021-6feb090c97",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/"
},
{
"name": "FEDORA-2021-6e581c051a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"name": "[kafka-dev] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Commented] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Updated] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Comment Edited] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210506 [jira] [Resolved] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210205-0004/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-25013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:16:13.087398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:16:54.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973"
},
{
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b"
},
{
"name": "FEDORA-2021-6feb090c97",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/"
},
{
"name": "FEDORA-2021-6e581c051a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"name": "[kafka-dev] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Commented] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Updated] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210423 [jira] [Comment Edited] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210506 [jira] [Resolved] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210205-0004/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-25013",
"datePublished": "2021-01-04T00:00:00.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:16:54.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010024 (GCVE-0-2019-1010024)
Vulnerability from cvelistv5
Published
2019-07-15 03:06
Modified
2024-08-05 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Mitigation bypass
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
},
{
"name": "109162",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109162"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010024",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"name": "CVE-2019-1010024",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2019-1010024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "GNU Libc",
"versions": [
{
"status": "affected",
"version": "current (At least as of 2018-02-16)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Mitigation bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-16T19:46:23",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
},
{
"name": "109162",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109162"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010024",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"name": "CVE-2019-1010024",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://ubuntu.com/security/CVE-2019-1010024"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc",
"version": {
"version_data": [
{
"version_value": "current (At least as of 2018-02-16)"
}
]
}
}
]
},
"vendor_name": "GNU Libc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mitigation bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
},
{
"name": "109162",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109162"
},
{
"name": "https://support.f5.com/csp/article/K06046097",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "CVE-2019-1010024",
"refsource": "DEBIAN",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"name": "CVE-2019-1010024",
"refsource": "UBUNTU",
"url": "https://ubuntu.com/security/CVE-2019-1010024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010024",
"datePublished": "2019-07-15T03:06:26",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3404 (GCVE-0-2012-3404)
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3404",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1472 (GCVE-0-2015-1472)
Vulnerability from cvelistv5
Published
2015-04-08 10:00
Modified
2024-08-06 04:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:47:15.942Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "72428",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "[libc-alpha] 20150206 The GNU C Library version 2.21 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "72428",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "[libc-alpha] 20150206 The GNU C Library version 2.21 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1472",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "72428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72428"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "[libc-alpha] 20150206 The GNU C Library version 2.21 is now available",
"refsource": "MLIST",
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1472",
"datePublished": "2015-04-08T10:00:00",
"dateReserved": "2015-02-03T00:00:00",
"dateUpdated": "2024-08-06T04:47:15.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7547 (GCVE-0-2015-7547)
Vulnerability from cvelistv5
Published
2016-02-18 21:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:28.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035020"
},
{
"name": "HPSBGN03582",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=146161017210491\u0026w=2"
},
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "RHSA-2016:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18665"
},
{
"name": "HPSBGN03551",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145857691004892\u0026w=2"
},
{
"name": "RHSA-2016:0225",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0225.html"
},
{
"name": "FEDORA-2016-0f9e9a34ce",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "USN-2900-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2900-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917"
},
{
"name": "RHSA-2016:0277",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0277.html"
},
{
"name": "openSUSE-SU-2016:0511",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20160217-0002/"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/len_5450"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2017-08"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0002.html"
},
{
"name": "HPSBGN03549",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145672440608228\u0026w=2"
},
{
"name": "83265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/83265"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937"
},
{
"name": "HPSBGN03547",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145596041017029\u0026w=2"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "40339",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40339/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa114"
},
{
"name": "[libc-alpha] 20160216 [PATCH] CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html"
},
{
"name": "RHSA-2016:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "openSUSE-SU-2016:0512",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01"
},
{
"name": "39454",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39454/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX206991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en"
},
{
"name": "VU#457759",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/457759"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/articles/2161461"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10150"
},
{
"name": "HPSBGN03442",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145690841819314\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17"
},
{
"name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-20T18:06:34",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1035020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035020"
},
{
"name": "HPSBGN03582",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=146161017210491\u0026w=2"
},
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "RHSA-2016:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18665"
},
{
"name": "HPSBGN03551",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145857691004892\u0026w=2"
},
{
"name": "RHSA-2016:0225",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0225.html"
},
{
"name": "FEDORA-2016-0f9e9a34ce",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "USN-2900-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2900-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917"
},
{
"name": "RHSA-2016:0277",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0277.html"
},
{
"name": "openSUSE-SU-2016:0511",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20160217-0002/"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/len_5450"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2017-08"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0002.html"
},
{
"name": "HPSBGN03549",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145672440608228\u0026w=2"
},
{
"name": "83265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/83265"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937"
},
{
"name": "HPSBGN03547",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145596041017029\u0026w=2"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "40339",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40339/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa114"
},
{
"name": "[libc-alpha] 20160216 [PATCH] CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html"
},
{
"name": "RHSA-2016:0176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "openSUSE-SU-2016:0512",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01"
},
{
"name": "39454",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39454/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX206991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en"
},
{
"name": "VU#457759",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/457759"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/articles/2161461"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10150"
},
{
"name": "HPSBGN03442",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145690841819314\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17"
},
{
"name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-7547",
"datePublished": "2016-02-18T21:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:28.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9984 (GCVE-0-2014-9984)
Vulnerability from cvelistv5
Published
2017-06-12 13:00
Modified
2024-08-06 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:37.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695"
},
{
"name": "99071",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99071"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695"
},
{
"name": "99071",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99071"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695"
},
{
"name": "99071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99071"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=c44496df2f090a56d3bf75df930592dac6bba46f",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=c44496df2f090a56d3bf75df930592dac6bba46f"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9984",
"datePublished": "2017-06-12T13:00:00",
"dateReserved": "2017-06-12T00:00:00",
"dateUpdated": "2024-08-06T14:02:37.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010025 (GCVE-0-2019-1010025)
Vulnerability from cvelistv5
Published
2019-07-15 03:11
Modified
2024-08-05 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Mitigation bypass
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010025",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"name": "CVE-2019-1010025",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2019-1010025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "GNU Libc",
"versions": [
{
"status": "affected",
"version": "current (At least as of 2018-02-16)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Mitigation bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-16T19:48:53",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010025",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"name": "CVE-2019-1010025",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://ubuntu.com/security/CVE-2019-1010025"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc",
"version": {
"version_data": [
{
"version_value": "current (At least as of 2018-02-16)"
}
]
}
}
]
},
"vendor_name": "GNU Libc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mitigation bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
},
{
"name": "https://support.f5.com/csp/article/K06046097",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"name": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "CVE-2019-1010025",
"refsource": "DEBIAN",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"name": "CVE-2019-1010025",
"refsource": "UBUNTU",
"url": "https://ubuntu.com/security/CVE-2019-1010025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010025",
"datePublished": "2019-07-15T03:11:46",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15671 (GCVE-0-2017-15671)
Vulnerability from cvelistv5
Published
2017-10-20 17:00
Modified
2024-08-05 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325"
},
{
"name": "101517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101517"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-24T09:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325"
},
{
"name": "101517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101517"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325"
},
{
"name": "101517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101517"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15671",
"datePublished": "2017-10-20T17:00:00",
"dateReserved": "2017-10-20T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4527 (GCVE-0-2023-4527)
Vulnerability from cvelistv5
Published
2023-09-18 16:32
Modified
2024-12-03 14:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:2.28-225.el8_8.6 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/1"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4527"
},
{
"name": "RHBZ#2234712",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234712"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0012/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4527",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-03T14:44:32.771215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T14:44:48.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Florian Weimer (Red Hat)."
}
],
"datePublic": "2023-09-12T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-23T01:12:22.555Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4527"
},
{
"name": "RHBZ#2234712",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234712"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-08-24T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-09-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: stack read overflow in getaddrinfo in no-aaaa mode",
"workarounds": [
{
"lang": "en",
"value": "Removing the no-aaaa diagnostic option from /etc/resolv.conf will mitigate this flaw."
}
],
"x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4527",
"datePublished": "2023-09-18T16:32:18.597Z",
"dateReserved": "2023-08-24T19:36:21.484Z",
"dateUpdated": "2024-12-03T14:44:48.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2856 (GCVE-0-2016-2856)
Vulnerability from cvelistv5
Published
2016-03-14 01:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:13.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958"
},
{
"name": "[oss-security] 20160306 Re: Access to /dev/pts devices via pt_chown and user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/2"
},
{
"name": "84601",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/84601"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403"
},
{
"name": "[oss-security] 20160223 Access to /dev/pts devices via pt_chown and user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/23/3"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958"
},
{
"name": "[oss-security] 20160306 Re: Access to /dev/pts devices via pt_chown and user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/2"
},
{
"name": "84601",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/84601"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403"
},
{
"name": "[oss-security] 20160223 Access to /dev/pts devices via pt_chown and user namespaces",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/02/23/3"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/",
"refsource": "MISC",
"url": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/"
},
{
"name": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958",
"refsource": "CONFIRM",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958"
},
{
"name": "[oss-security] 20160306 Re: Access to /dev/pts devices via pt_chown and user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/2"
},
{
"name": "84601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84601"
},
{
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html",
"refsource": "CONFIRM",
"url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html"
},
{
"name": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403",
"refsource": "CONFIRM",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403"
},
{
"name": "[oss-security] 20160223 Access to /dev/pts devices via pt_chown and user namespaces",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/23/3"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2856",
"datePublished": "2016-03-14T01:00:00",
"dateReserved": "2016-03-06T00:00:00",
"dateUpdated": "2024-08-05T23:40:13.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7423 (GCVE-0-2013-7423)
Vulnerability from cvelistv5
Published
2015-02-24 15:00
Modified
2024-08-06 18:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:16.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/golang/go/issues/6336"
},
{
"name": "[oss-security] 20150128 Re: the other glibc issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/20"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "RHSA-2015:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"name": "72844",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72844"
},
{
"name": "RHSA-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1207"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T17:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/golang/go/issues/6336"
},
{
"name": "[oss-security] 20150128 Re: the other glibc issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/20"
},
{
"name": "openSUSE-SU-2015:0351",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "RHSA-2015:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"name": "72844",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72844"
},
{
"name": "RHSA-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1207"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/golang/go/issues/6336",
"refsource": "CONFIRM",
"url": "https://github.com/golang/go/issues/6336"
},
{
"name": "[oss-security] 20150128 Re: the other glibc issue",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/20"
},
{
"name": "openSUSE-SU-2015:0351",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946"
},
{
"name": "USN-2519-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "RHSA-2015:0863",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"name": "72844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72844"
},
{
"name": "RHSA-2016:1207",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1207"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7423",
"datePublished": "2015-02-24T15:00:00",
"dateReserved": "2015-01-28T00:00:00",
"dateUpdated": "2024-08-06T18:09:16.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5180 (GCVE-0-2015-5180)
Vulnerability from cvelistv5
Published
2017-06-27 20:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:08.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=8492"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249603"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18784"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5"
},
{
"name": "USN-3239-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3239-1"
},
{
"name": "[libc-alpha@sourceware.org] 20170205 The GNU C Library version 2.25 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html"
},
{
"name": "USN-3239-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3239-2"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "99324",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99324"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T17:40:46",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=8492"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249603"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18784"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5"
},
{
"name": "USN-3239-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3239-1"
},
{
"name": "[libc-alpha@sourceware.org] 20170205 The GNU C Library version 2.25 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html"
},
{
"name": "USN-3239-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3239-2"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "99324",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99324"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5180",
"datePublished": "2017-06-27T20:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:08.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33574 (GCVE-0-2021-33574)
Vulnerability from cvelistv5
Published
2021-05-25 00:00
Modified
2024-08-03 23:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:50:43.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1"
},
{
"name": "FEDORA-2021-7ddb8b0537",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0005/"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"name": "FEDORA-2021-f29b4643c7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1"
},
{
"name": "FEDORA-2021-7ddb8b0537",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210629-0005/"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"name": "FEDORA-2021-f29b4643c7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-33574",
"datePublished": "2021-05-25T00:00:00",
"dateReserved": "2021-05-25T00:00:00",
"dateUpdated": "2024-08-03T23:50:43.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5119 (GCVE-0-2014-5119)
Vulnerability from cvelistv5
Published
2014-08-29 17:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:37.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60441"
},
{
"name": "[oss-security] 20170713 Re: [CVE Request] glibc iconv_open buffer overflow (was: Re: Re: glibc locale issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/13/5"
},
{
"name": "69738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69738"
},
{
"name": "RHSA-2014:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1118.html"
},
{
"name": "RHSA-2014:1110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "60345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60345"
},
{
"name": "61093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61093"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html"
},
{
"name": "[oss-security] 20170713 glibc locale issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/1"
},
{
"name": "68983",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68983"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=96"
},
{
"name": "20140826 CVE-2014-5119 glibc __gconv_translit_find() exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/69"
},
{
"name": "DSA-3012",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3012"
},
{
"name": "61074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61074"
},
{
"name": "20140910 Cisco Unified Communications Manager glibc Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"name": "SUSE-SU-2014:1125",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html"
},
{
"name": "60358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60358"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T17:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "60441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60441"
},
{
"name": "[oss-security] 20170713 Re: [CVE Request] glibc iconv_open buffer overflow (was: Re: Re: glibc locale issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/13/5"
},
{
"name": "69738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69738"
},
{
"name": "RHSA-2014:1118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1118.html"
},
{
"name": "RHSA-2014:1110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"name": "60345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60345"
},
{
"name": "61093",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61093"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html"
},
{
"name": "[oss-security] 20170713 glibc locale issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/1"
},
{
"name": "68983",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68983"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=96"
},
{
"name": "20140826 CVE-2014-5119 glibc __gconv_translit_find() exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/69"
},
{
"name": "DSA-3012",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3012"
},
{
"name": "61074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61074"
},
{
"name": "20140910 Cisco Unified Communications Manager glibc Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"name": "SUSE-SU-2014:1125",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html"
},
{
"name": "60358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60358"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-5119",
"datePublished": "2014-08-29T17:00:00",
"dateReserved": "2014-07-30T00:00:00",
"dateUpdated": "2024-08-06T11:34:37.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9192 (GCVE-0-2019-9192)
Vulnerability from cvelistv5
Published
2019-02-26 18:00
Modified
2024-08-04 21:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:38:46.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(|)(\\\\1\\\\1)*\u0027 in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T20:06:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(|)(\\\\1\\\\1)*\u0027 in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
},
{
"name": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9192",
"datePublished": "2019-02-26T18:00:00",
"dateReserved": "2019-02-26T00:00:00",
"dateUpdated": "2024-08-04T21:38:46.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11236 (GCVE-0-2018-11236)
Vulnerability from cvelistv5
Published
2018-05-18 16:00
Modified
2024-08-05 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:52.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"
},
{
"name": "104255",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104255"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"
},
{
"name": "104255",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104255"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2",
"refsource": "MISC",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2"
},
{
"name": "104255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104255"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"
},
{
"name": "RHSA-2018:3092",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190329-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190401-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11236",
"datePublished": "2018-05-18T16:00:00",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T08:01:52.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5155 (GCVE-0-2009-5155)
Vulnerability from cvelistv5
Published
2019-02-26 02:00
Modified
2024-08-07 07:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K64119434"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:09:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K64119434"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190315-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672",
"refsource": "MISC",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672"
},
{
"name": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272",
"refsource": "MISC",
"url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"name": "https://support.f5.com/csp/article/K64119434",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K64119434"
},
{
"name": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5155",
"datePublished": "2019-02-26T02:00:00",
"dateReserved": "2019-02-25T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6551 (GCVE-0-2018-6551)
Vulnerability from cvelistv5
Published
2018-02-02 14:00
Modified
2024-08-05 06:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-04T10:06:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6551",
"datePublished": "2018-02-02T14:00:00",
"dateReserved": "2018-02-02T00:00:00",
"dateUpdated": "2024-08-05T06:10:10.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-5277 (GCVE-0-2015-5277)
Vulnerability from cvelistv5
Published
2015-12-17 19:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:09.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "RHSA-2015:2172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2172.html"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "1034196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034196"
},
{
"name": "[libc-alpha] 20140909 The GNU C Library version 2.20 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html"
},
{
"name": "78092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/78092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17079"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262914"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:07",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "RHSA-2015:2172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2172.html"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "1034196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034196"
},
{
"name": "[libc-alpha] 20140909 The GNU C Library version 2.20 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html"
},
{
"name": "78092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/78092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17079"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262914"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5277",
"datePublished": "2015-12-17T19:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:09.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19591 (GCVE-0-2018-19591)
Vulnerability from cvelistv5
Published
2018-12-04 16:00
Modified
2024-08-05 11:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:37:11.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD"
},
{
"name": "FEDORA-2018-f6b7df660d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/"
},
{
"name": "106037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927"
},
{
"name": "FEDORA-2018-060302dc83",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/"
},
{
"name": "GLSA-201903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-09"
},
{
"name": "1042174",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1042174"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190321-0003/"
},
{
"name": "GLSA-201908-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-11-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD"
},
{
"name": "FEDORA-2018-f6b7df660d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/"
},
{
"name": "106037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927"
},
{
"name": "FEDORA-2018-060302dc83",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/"
},
{
"name": "GLSA-201903-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-09"
},
{
"name": "1042174",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1042174"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190321-0003/"
},
{
"name": "GLSA-201908-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD"
},
{
"name": "FEDORA-2018-f6b7df660d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/"
},
{
"name": "106037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106037"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927"
},
{
"name": "FEDORA-2018-060302dc83",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/"
},
{
"name": "GLSA-201903-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-09"
},
{
"name": "1042174",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042174"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d527c860f5a3f0ed687bd03f0cb464612dc23408",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d527c860f5a3f0ed687bd03f0cb464612dc23408"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190321-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190321-0003/"
},
{
"name": "GLSA-201908-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19591",
"datePublished": "2018-12-04T16:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-05T11:37:11.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3998 (GCVE-0-2021-3998)
Vulnerability from cvelistv5
Published
2022-08-24 00:00
Modified
2025-06-09 15:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - - Out-of-bounds Read
Summary
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:03.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28770"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024633"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3998"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3998"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221020-0003/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-3998",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T14:59:39.057370Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:00:17.349Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects glibc v2.33 and above."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 - Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-20T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28770"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024633"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3998"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3998"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221020-0003/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3998",
"datePublished": "2022-08-24T00:00:00.000Z",
"dateReserved": "2021-11-22T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:00:17.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2702 (GCVE-0-2011-2702)
Vulnerability from cvelistv5
Published
2014-10-27 20:00
Modified
2024-08-06 23:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"
},
{
"name": "[oss-security] 20110718 CVE id request: (e)glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2011/q3/123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nodefense.org/eglibc.txt"
},
{
"name": "[oss-security] 20110720 Re: CVE id request: (e)glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2011/q3/153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"
},
{
"name": "80718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/80718"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup\u0026pathrev=10032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-27T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"
},
{
"name": "[oss-security] 20110718 CVE id request: (e)glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2011/q3/123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nodefense.org/eglibc.txt"
},
{
"name": "[oss-security] 20110720 Re: CVE id request: (e)glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2011/q3/153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"
},
{
"name": "80718",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/80718"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup\u0026pathrev=10032"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2702",
"datePublished": "2014-10-27T20:00:00",
"dateReserved": "2011-07-11T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3075 (GCVE-0-2016-3075)
Vulnerability from cvelistv5
Published
2016-06-01 20:00
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "85732",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85732"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "RHSA-2016:2573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "85732",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85732"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "RHSA-2016:2573",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3075",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "85732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85732"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=317b199b4aff8cfa27f2302ab404d2bb5032b9a4"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "RHSA-2016:2573",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html"
},
{
"name": "openSUSE-SU-2016:1527",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3075",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2016-03-10T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3999 (GCVE-0-2021-3999)
Vulnerability from cvelistv5
Published
2022-08-24 00:00
Modified
2024-08-03 17:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-193 - - Off-by-one Error
Summary
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:16:03.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3999"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in glibc v2.31 and above."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193 - Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-3999"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3999",
"datePublished": "2022-08-24T00:00:00",
"dateReserved": "2021-11-22T00:00:00",
"dateUpdated": "2024-08-03T17:16:03.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5064 (GCVE-0-2009-5064)
Vulnerability from cvelistv5
Published
2011-03-30 22:00
Modified
2024-08-07 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"name": "[oss-security] 20110307 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"name": "[oss-security] 20110307 ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"name": "RHSA-2011:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-19T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"name": "[oss-security] 20110307 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"name": "[oss-security] 20110307 ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"name": "RHSA-2011:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=682998",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"name": "http://reverse.lostrealm.com/protect/ldd.html",
"refsource": "MISC",
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"name": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/",
"refsource": "MISC",
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"name": "[oss-security] 20110307 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"name": "[oss-security] 20110307 ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"name": "[oss-security] 20110308 Re: ldd can execute an app unexpectedly",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"name": "RHSA-2011:1526",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=531160",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5064",
"datePublished": "2011-03-30T22:00:00",
"dateReserved": "2011-03-30T00:00:00",
"dateUpdated": "2024-08-07T07:24:54.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3405 (GCVE-0-2012-3405)
Vulnerability from cvelistv5
Published
2014-02-10 17:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:1200",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2012:1098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"name": "USN-1589-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"name": "[oss-security] 20120711 Re: CVE request: glibc formatted printing vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3405",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5029 (GCVE-0-2009-5029)
Vulnerability from cvelistv5
Published
2013-05-02 14:00
Modified
2024-08-07 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:53.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
},
{
"name": "20111203 VSFTPD Remote Heap Overrun (low severity)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-02T14:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[libc-alpha] 20111215 integer overflow to heap overrun exploit in glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
},
{
"name": "20111203 VSFTPD Remote Heap Overrun (low severity)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5029",
"datePublished": "2013-05-02T14:00:00Z",
"dateReserved": "2010-12-09T00:00:00Z",
"dateUpdated": "2024-08-07T07:24:53.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4813 (GCVE-0-2023-4813)
Vulnerability from cvelistv5
Published
2023-09-12 21:54
Modified
2025-08-18 08:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:2.28-225.el8_8.6 < * cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:7409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4813"
},
{
"name": "RHBZ#2237798",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231110-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/a:redhat:rhel_eus:8.6::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.8.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/a:redhat:rhel_eus:8.6::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.8.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2022-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-18T08:59:15.443Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBA-2024:2413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:7409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4813"
},
{
"name": "RHBZ#2237798",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-06T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2022-03-01T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: potential use-after-free in gaih_inet()",
"workarounds": [
{
"lang": "en",
"value": "Removing the \"SUCCESS=continue\" or \"SUCCESS=merge\" configuration from the hosts database in /etc/nsswitch.conf will mitigate this vulnerability.\n\nNote that, these options are not supported by the hosts database, if they were working before it was because of this bug."
}
],
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4813",
"datePublished": "2023-09-12T21:54:33.387Z",
"dateReserved": "2023-09-07T01:12:09.809Z",
"dateUpdated": "2025-08-18T08:59:15.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4052 (GCVE-0-2010-4052)
Vulnerability from cvelistv5
Published
2011-01-13 18:35
Modified
2024-08-07 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"name": "http://cxib.net/stuff/proftpd.gnu.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=645859",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4052",
"datePublished": "2011-01-13T18:35:00",
"dateReserved": "2010-10-22T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6323 (GCVE-0-2016-6323)
Vulnerability from cvelistv5
Published
2016-10-07 14:00
Modified
2024-08-06 01:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:18.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-87dde780b8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/"
},
{
"name": "92532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92532"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"name": "FEDORA-2016-5f050a0a6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "FEDORA-2016-57cba655d5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/"
},
{
"name": "[oss-security] 20160818 CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/12"
},
{
"name": "openSUSE-SU-2016:2443",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2016-87dde780b8",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/"
},
{
"name": "92532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92532"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"name": "FEDORA-2016-5f050a0a6d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "FEDORA-2016-57cba655d5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/"
},
{
"name": "[oss-security] 20160818 CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/12"
},
{
"name": "openSUSE-SU-2016:2443",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-6323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-87dde780b8",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/"
},
{
"name": "92532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92532"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"name": "FEDORA-2016-5f050a0a6d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617"
},
{
"name": "GLSA-201706-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "FEDORA-2016-57cba655d5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/"
},
{
"name": "[oss-security] 20160818 CVE-2016-6323: Missing unwind information on ARM EABI (32-bit) causes backtrace generation to hang",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/12"
},
{
"name": "openSUSE-SU-2016:2443",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-6323",
"datePublished": "2016-10-07T14:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:18.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4122 (GCVE-0-2013-4122)
Vulnerability from cvelistv5
Published
2013-10-27 00:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/"
},
{
"name": "GLSA-201309-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-01.xml"
},
{
"name": "USN-2755-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2755-1"
},
{
"name": "[oss-security] 20130715 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/1"
},
{
"name": "[oss-security] 20130713 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/13/1"
},
{
"name": "[oss-security] 20130712 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/6"
},
{
"name": "[oss-security] 20130712 CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/3"
},
{
"name": "DSA-3368",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3368"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/"
},
{
"name": "GLSA-201309-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-01.xml"
},
{
"name": "USN-2755-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2755-1"
},
{
"name": "[oss-security] 20130715 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/1"
},
{
"name": "[oss-security] 20130713 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/13/1"
},
{
"name": "[oss-security] 20130712 Re: CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/6"
},
{
"name": "[oss-security] 20130712 CVE request: Cyrus-sasl NULL ptr. dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/3"
},
{
"name": "DSA-3368",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3368"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4122",
"datePublished": "2013-10-27T00:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1234 (GCVE-0-2016-1234)
Vulnerability from cvelistv5
Published
2016-06-01 20:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/16"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "84204",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/84204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T17:06:13",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/16"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "84204",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/84204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-1234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "openSUSE-SU-2016:1779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/16"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "84204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84204"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779"
},
{
"name": "openSUSE-SU-2016:1527",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2016-1234",
"datePublished": "2016-06-01T20:00:00",
"dateReserved": "2015-12-27T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0028 (GCVE-0-2003-0028)
Vulnerability from cvelistv5
Published
2003-03-21 05:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESA-20030321-010",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
},
{
"name": "MDKSA-2003:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
},
{
"name": "RHSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
},
{
"name": "CA-2003-10",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-10.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
},
{
"name": "DSA-282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-282"
},
{
"name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
},
{
"name": "SuSE-SA:2003:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
},
{
"name": "20030319 RE: EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
},
{
"name": "RHSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
},
{
"name": "AD20030318",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
},
{
"name": "VU#516825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/516825"
},
{
"name": "20030325 GLSA: glibc (200303-22)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
},
{
"name": "NetBSD-SA2003-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
},
{
"name": "2003-0014",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
},
{
"name": "20030331 GLSA: dietlibc (200303-29)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
},
{
"name": "RHSA-2003:051",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:230",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
},
{
"name": "DSA-266",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-266"
},
{
"name": "RHSA-2003:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
},
{
"name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
},
{
"name": "20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
},
{
"name": "DSA-272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESA-20030321-010",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
},
{
"name": "MDKSA-2003:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
},
{
"name": "RHSA-2003:052",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
},
{
"name": "CA-2003-10",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-10.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
},
{
"name": "DSA-282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-282"
},
{
"name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
},
{
"name": "SuSE-SA:2003:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
},
{
"name": "20030319 RE: EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
},
{
"name": "RHSA-2003:091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
},
{
"name": "AD20030318",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
},
{
"name": "VU#516825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/516825"
},
{
"name": "20030325 GLSA: glibc (200303-22)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
},
{
"name": "NetBSD-SA2003-008",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
},
{
"name": "2003-0014",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
},
{
"name": "20030331 GLSA: dietlibc (200303-29)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
},
{
"name": "RHSA-2003:051",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:230",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
},
{
"name": "DSA-266",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-266"
},
{
"name": "RHSA-2003:089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
},
{
"name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
},
{
"name": "20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
},
{
"name": "DSA-272",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESA-20030321-010",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
},
{
"name": "MDKSA-2003:037",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
},
{
"name": "RHSA-2003:052",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
},
{
"name": "CA-2003-10",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-10.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20150122-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
},
{
"name": "DSA-282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-282"
},
{
"name": "20030331 GLSA: krb5 \u0026 mit-krb5 (200303-28)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
},
{
"name": "SuSE-SA:2003:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
},
{
"name": "20030319 RE: EEYE: XDR Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
},
{
"name": "RHSA-2003:091",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
},
{
"name": "AD20030318",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
},
{
"name": "VU#516825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/516825"
},
{
"name": "20030325 GLSA: glibc (200303-22)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
},
{
"name": "NetBSD-SA2003-008",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
},
{
"name": "2003-0014",
"refsource": "TRUSTIX",
"url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
},
{
"name": "20030331 GLSA: dietlibc (200303-29)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
},
{
"name": "RHSA-2003:051",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
},
{
"name": "20030319 EEYE: XDR Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:230",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
},
{
"name": "DSA-266",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-266"
},
{
"name": "RHSA-2003:089",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
},
{
"name": "20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
},
{
"name": "20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
},
{
"name": "DSA-272",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0028",
"datePublished": "2003-03-21T05:00:00",
"dateReserved": "2003-01-10T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33601 (GCVE-0-2024-33601)
Vulnerability from cvelistv5
Published
2024-05-06 19:22
Modified
2025-03-18 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-617 - Reachable Assertion
Summary
nscd: netgroup cache may terminate daemon on memory allocation failure
The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or
xrealloc and these functions may terminate the process due to a memory
allocation failure resulting in a denial of service to the clients. The
flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The GNU C Library | glibc |
Version: 2.15 < 2.40 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "glibc",
"vendor": "gnu",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33601",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-09T17:26:01.322253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T13:55:13.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0014/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "The GNU C Library",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003enscd: netgroup cache may terminate daemon on memory allocation failure\u003cbr\u003e\u003cbr\u003eThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\u003cbr\u003exrealloc and these functions may terminate the process due to a memory\u003cbr\u003eallocation failure resulting in a denial of service to the clients. The\u003cbr\u003eflaw was introduced in glibc 2.15 when the cache was added to nscd.\u003cbr\u003e\u003cbr\u003eThis vulnerability is only present in the nscd binary.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617 Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:06:12.587Z",
"orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"shortName": "glibc"
},
"references": [
{
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0014/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "nscd: netgroup cache may terminate daemon on memory allocation failure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"assignerShortName": "glibc",
"cveId": "CVE-2024-33601",
"datePublished": "2024-05-06T19:22:07.763Z",
"dateReserved": "2024-04-24T20:35:08.340Z",
"dateUpdated": "2025-03-18T13:55:13.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1914 (GCVE-0-2013-1914)
Vulnerability from cvelistv5
Published
2013-04-29 22:00
Modified
2024-08-06 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "[oss-security] 20130403 CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "58839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"name": "[oss-security] 20130403 Re: CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"name": "[oss-security] 20130405 Re: CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "52817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/52817"
},
{
"name": "RHSA-2013:0769",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"name": "MDVSA-2013:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-01T17:06:29",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "[oss-security] 20130403 CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "58839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"name": "[oss-security] 20130403 Re: CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"name": "[oss-security] 20130405 Re: CVE Request: glibc getaddrinfo() stack overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "52817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/52817"
},
{
"name": "RHSA-2013:0769",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"name": "MDVSA-2013:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1914",
"datePublished": "2013-04-29T22:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4458 (GCVE-0-2013-4458)
Vulnerability from cvelistv5
Published
2013-12-12 18:00
Modified
2024-08-06 16:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:45:14.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[libc-alpha] 20131022 [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[libc-alpha] 20131022 [PATCH][BZ #16072] Fix stack overflow due to large AF_INET6 requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4458",
"datePublished": "2013-12-12T18:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:45:14.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6096 (GCVE-0-2020-6096)
Vulnerability from cvelistv5
Published
2020-04-01 00:00
Modified
2024-08-04 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-195 - Signed to Unsigned Conversion Error
Summary
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:47:40.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2020-d860479b2a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/"
},
{
"name": "FEDORA-2020-4e92a61688",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "GNU glibc",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.30.9000"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-195",
"description": "CWE-195: Signed to Unsigned Conversion Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "FEDORA-2020-d860479b2a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/"
},
{
"name": "FEDORA-2020-4e92a61688",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2020-6096",
"datePublished": "2020-04-01T00:00:00",
"dateReserved": "2020-01-07T00:00:00",
"dateUpdated": "2024-08-04T08:47:40.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1071 (GCVE-0-2011-1071)
Vulnerability from cvelistv5
Published
2011-04-08 15:00
Modified
2024-08-06 22:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46563",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46563"
},
{
"name": "8175",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8175"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/615120"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "1025290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025290"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11883"
},
{
"name": "43492",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43492"
},
{
"name": "[oss-security] 20110228 cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/26/3"
},
{
"name": "oval:org.mitre.oval:def:12853",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853"
},
{
"name": "[oss-security] 20110228 Re: cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/11"
},
{
"name": "20110224 glibc and alloca()",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/635"
},
{
"name": "20110226 Re: glibc and alloca()",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/644"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43830"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20110228 Re: cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a \"stack extension attack,\" a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "46563",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46563"
},
{
"name": "8175",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8175"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/615120"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "1025290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025290"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11883"
},
{
"name": "43492",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43492"
},
{
"name": "[oss-security] 20110228 cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/26/3"
},
{
"name": "oval:org.mitre.oval:def:12853",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853"
},
{
"name": "[oss-security] 20110228 Re: cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/11"
},
{
"name": "20110224 glibc and alloca()",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/635"
},
{
"name": "20110226 Re: glibc and alloca()",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/644"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43830"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "[oss-security] 20110228 Re: cve request: eglibc memory corruption",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1071",
"datePublished": "2011-04-08T15:00:00",
"dateReserved": "2011-02-24T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.827Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0959 (GCVE-0-2000-0959)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1719",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1719"
},
{
"name": "glibc-unset-symlink(5299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299"
},
{
"name": "20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/85028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1719",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1719"
},
{
"name": "glibc-unset-symlink(5299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299"
},
{
"name": "20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/85028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1719"
},
{
"name": "glibc-unset-symlink(5299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299"
},
{
"name": "20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/85028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0959",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0335 (GCVE-0-2000-0335)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1166",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1166"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1166",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1166"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1166",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1166"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0335",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8776 (GCVE-0-2015-8776)
Vulnerability from cvelistv5
Published
2016-04-19 21:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:21.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83277",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/83277"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83277",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/83277"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:0471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83277"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"name": "DSA-3480",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-8776",
"datePublished": "2016-04-19T21:00:00",
"dateReserved": "2016-01-19T00:00:00",
"dateUpdated": "2024-08-06T08:29:21.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6779 (GCVE-0-2023-6779)
Vulnerability from cvelistv5
Published
2024-01-31 14:07
Modified
2025-06-13 16:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | glibc | |||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6779"
},
{
"name": "RHBZ#2254395",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254395"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240223-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T16:08:30.700931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T16:08:42.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "n/a",
"versions": [
{
"status": "unaffected",
"version": "2.39"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit for reporting this issue."
}
],
"datePublic": "2024-01-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-23T16:05:57.859Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6779"
},
{
"name": "RHBZ#2254395",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254395"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240223-0006/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-08T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-30T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()",
"x_redhatCweChain": "CWE-193-\u003eCWE-122: Off-by-one Error leads to Heap-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-6779",
"datePublished": "2024-01-31T14:07:41.967Z",
"dateReserved": "2023-12-13T14:37:37.111Z",
"dateUpdated": "2025-06-13T16:08:42.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18269 (GCVE-0-2017-18269)
Vulnerability from cvelistv5
Published
2018-05-18 16:00
Modified
2024-08-05 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:13:49.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/fingolfin/memmove-bug"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/fingolfin/memmove-bug"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada",
"refsource": "MISC",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"
},
{
"name": "https://github.com/fingolfin/memmove-bug",
"refsource": "MISC",
"url": "https://github.com/fingolfin/memmove-bug"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190329-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190401-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18269",
"datePublished": "2018-05-18T16:00:00",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T21:13:49.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4806 (GCVE-0-2023-4806)
Vulnerability from cvelistv5
Published
2023-09-18 16:33
Modified
2025-08-18 08:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:2.28-225.el8_8.6 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::crb |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:7409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4806"
},
{
"name": "RHBZ#2237782",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240125-0008/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T19:32:30.612167Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T14:59:06.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos",
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-225.el8_8.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.8.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-100.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream",
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.34-60.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:8.6::baseos",
"cpe:/a:redhat:rhel_eus:8.6::crb",
"cpe:/o:redhat:rhev_hypervisor:4.4::el8",
"cpe:/a:redhat:rhel_eus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.28-189.8.el8_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Siddhesh Poyarekar (Red Hat)."
}
],
"datePublic": "2023-09-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-18T08:59:10.030Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHBA-2024:2413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"name": "RHSA-2023:5453",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"name": "RHSA-2023:5455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"name": "RHSA-2023:7409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4806"
},
{
"name": "RHBZ#2237782",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-06T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-09-12T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: potential use-after-free in getaddrinfo()",
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4806",
"datePublished": "2023-09-18T16:33:57.211Z",
"dateReserved": "2023-09-06T16:26:35.613Z",
"dateUpdated": "2025-08-18T08:59:10.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27618 (GCVE-0-2020-27618)
Vulnerability from cvelistv5
Published
2021-02-26 00:00
Modified
2025-06-09 15:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0006/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-27618",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:14:58.724788Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:15:47.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210401-0006/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27618",
"datePublished": "2021-02-26T00:00:00.000Z",
"dateReserved": "2020-10-22T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:15:47.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5320 (GCVE-0-2011-5320)
Vulnerability from cvelistv5
Published
2017-10-18 14:00
Modified
2024-08-07 00:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:47.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2"
},
{
"name": "[oss-security] 20150312 Re: CVE request: glibc scanf implementation crashes on certain inputs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/12/14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T13:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2"
},
{
"name": "[oss-security] 20150312 Re: CVE request: glibc scanf implementation crashes on certain inputs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/12/14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-5320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=20b38e0",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=20b38e0"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4"
},
{
"name": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2",
"refsource": "MISC",
"url": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2"
},
{
"name": "[oss-security] 20150312 Re: CVE request: glibc scanf implementation crashes on certain inputs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/12/14"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745"
},
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-5320",
"datePublished": "2017-10-18T14:00:00",
"dateReserved": "2015-03-12T00:00:00",
"dateUpdated": "2024-08-07T00:30:47.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4043 (GCVE-0-2014-4043)
Vulnerability from cvelistv5
Published
2014-10-06 23:00
Modified
2024-08-06 11:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:04:28.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "68006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048"
},
{
"name": "gnuclibrary-cve20144043-code-exec(93784)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93784"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2014:152",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"name": "openSUSE-SU-2015:1387",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "68006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048"
},
{
"name": "gnuclibrary-cve20144043-code-exec(93784)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93784"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2014:152",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"name": "openSUSE-SU-2015:1387",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=ChangeLog;h=3020b9ac232315df362521aeaf85f21cb9926db8;hp=d86e73963dd9fb5e21b1a28326630337226812aa;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=ChangeLog;h=3020b9ac232315df362521aeaf85f21cb9926db8;hp=d86e73963dd9fb5e21b1a28326630337226812aa;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "68006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68006"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048"
},
{
"name": "gnuclibrary-cve20144043-code-exec(93784)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93784"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=89e435f3559c53084498e9baad22172b64429362",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=89e435f3559c53084498e9baad22172b64429362"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2014:152",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"name": "openSUSE-SU-2015:1387",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=posix/spawn_faction_addopen.c;h=40800b8e6e81341501c0fb8a91009529e2048dec;hp=47f62425b696a4fdd511b2a057746322eb6518db;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=posix/spawn_faction_addopen.c;h=40800b8e6e81341501c0fb8a91009529e2048dec;hp=47f62425b696a4fdd511b2a057746322eb6518db;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4043",
"datePublished": "2014-10-06T23:00:00",
"dateReserved": "2014-06-12T00:00:00",
"dateUpdated": "2024-08-06T11:04:28.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3590 (GCVE-0-2005-3590)
Vulnerability from cvelistv5
Published
2019-04-10 19:52
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=661"
},
{
"name": "107871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K12740406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-03T17:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=661"
},
{
"name": "107871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K12740406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=661",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=661"
},
{
"name": "107871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107871"
},
{
"name": "https://support.f5.com/csp/article/K12740406",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K12740406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3590",
"datePublished": "2019-04-10T19:52:40",
"dateReserved": "2019-04-10T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3847 (GCVE-0-2010-3847)
Vulnerability from cvelistv5
Published
2011-01-07 18:00
Modified
2024-08-07 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100120941"
},
{
"name": "20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/257"
},
{
"name": "RHSA-2010:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "MDVSA-2010:207",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:207"
},
{
"name": "44025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"name": "44024",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44024/"
},
{
"name": "DSA-2122",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"name": "USN-1009-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=643306"
},
{
"name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"name": "RHSA-2010:0787",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0787.html"
},
{
"name": "44154",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44154"
},
{
"name": "20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/294"
},
{
"name": "42787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42787"
},
{
"name": "ADV-2011-0025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"name": "[libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html"
},
{
"name": "20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/292"
},
{
"name": "VU#537223",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/537223"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/css/P8/documents/100120941"
},
{
"name": "20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/257"
},
{
"name": "RHSA-2010:0872",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "MDVSA-2010:207",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:207"
},
{
"name": "44025",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"name": "44024",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44024/"
},
{
"name": "DSA-2122",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"name": "USN-1009-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=643306"
},
{
"name": "20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"name": "RHSA-2010:0787",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0787.html"
},
{
"name": "44154",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44154"
},
{
"name": "20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/294"
},
{
"name": "42787",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42787"
},
{
"name": "ADV-2011-0025",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"name": "[libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html"
},
{
"name": "20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/292"
},
{
"name": "VU#537223",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/537223"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3847",
"datePublished": "2011-01-07T18:00:00",
"dateReserved": "2010-10-08T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0015 (GCVE-0-2010-0015)
Vulnerability from cvelistv5
Published
2010-01-14 18:00
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:52.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "[oss-security] 20100109 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/2"
},
{
"name": "[oss-security] 20100107 CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/07/3"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/11/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333"
},
{
"name": "[oss-security] 20100108 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/1"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062\u0026view=markup"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=126320570505651\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11134"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=126320356003425\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "[oss-security] 20100109 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/2"
},
{
"name": "[oss-security] 20100107 CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/07/3"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/11/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333"
},
{
"name": "[oss-security] 20100108 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/1"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062\u0026view=markup"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=126320570505651\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11134"
},
{
"name": "[oss-security] 20100111 Re: CVE id request: GNU libc: NIS shadow password leakage",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=126320356003425\u0026w=2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0015",
"datePublished": "2010-01-14T18:00:00",
"dateReserved": "2009-12-14T00:00:00",
"dateUpdated": "2024-08-07T00:37:52.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6656 (GCVE-0-2012-6656)
Vulnerability from cvelistv5
Published
2014-12-05 16:00
Modified
2024-08-06 21:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134"
},
{
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "69472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134"
},
{
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "69472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69472"
},
{
"name": "USN-2432-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"name": "MDVSA-2014:175",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134"
},
{
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=6e230d11837f3ae7b375ea69d7905f0d18eb79e5",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=6e230d11837f3ae7b375ea69d7905f0d18eb79e5"
},
{
"name": "DSA-3142",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-6656",
"datePublished": "2014-12-05T16:00:00",
"dateReserved": "2014-09-01T00:00:00",
"dateUpdated": "2024-08-06T21:36:01.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0235 (GCVE-0-2015-0235)
Vulnerability from cvelistv5
Published
2015-01-28 19:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "72325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72325"
},
{
"name": "HPSBGN03247",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"name": "62883",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62883"
},
{
"name": "62691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "APPLE-SA-2015-10-21-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205375"
},
{
"name": "HPSBGN03285",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"name": "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "62698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62698"
},
{
"name": "62640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62640"
},
{
"name": "1032909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032909"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
},
{
"name": "APPLE-SA-2015-09-30-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"name": "62688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62688"
},
{
"name": "62865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62865"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"name": "HPSBHF03289",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "APPLE-SA-2015-06-30-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "62812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62812"
},
{
"name": "62879",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62879"
},
{
"name": "HPSBGN03270",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "62871",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "62690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62690"
},
{
"name": "62692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62692"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT205267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "62681",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62681"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671"
},
{
"name": "SSRT101937",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"name": "SSRT101953",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "62667",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62667"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
},
{
"name": "MDVSA-2015:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"name": "62517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"name": "62680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62680"
},
{
"name": "62813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62813"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
},
{
"name": "RHSA-2015:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"name": "62715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62715"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"name": "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"name": "HPSBMU03330",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"name": "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/111"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"name": "62870",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62870"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"name": "62816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62816"
},
{
"name": "62758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62758"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-20T18:06:40",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "72325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72325"
},
{
"name": "HPSBGN03247",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"name": "62883",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62883"
},
{
"name": "62691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "APPLE-SA-2015-10-21-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205375"
},
{
"name": "HPSBGN03285",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"name": "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "62698",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62698"
},
{
"name": "62640",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62640"
},
{
"name": "1032909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032909"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
},
{
"name": "APPLE-SA-2015-09-30-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"name": "62688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62688"
},
{
"name": "62865",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62865"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"name": "HPSBHF03289",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "APPLE-SA-2015-06-30-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "62812",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62812"
},
{
"name": "62879",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62879"
},
{
"name": "HPSBGN03270",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "62871",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "62690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62690"
},
{
"name": "62692",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62692"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT205267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "62681",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62681"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671"
},
{
"name": "SSRT101937",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"name": "SSRT101953",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "62667",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62667"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
},
{
"name": "MDVSA-2015:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"name": "62517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"name": "62680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62680"
},
{
"name": "62813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62813"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
},
{
"name": "91787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
},
{
"name": "RHSA-2015:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"name": "62715",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62715"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"name": "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"name": "HPSBMU03330",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"name": "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/111"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"name": "62870",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62870"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"name": "62816",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62816"
},
{
"name": "62758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62758"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-0235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "72325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72325"
},
{
"name": "HPSBGN03247",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"name": "62883",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62883"
},
{
"name": "62691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62691"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "APPLE-SA-2015-10-21-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"name": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
},
{
"name": "https://support.apple.com/HT205375",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205375"
},
{
"name": "HPSBGN03285",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"name": "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "62698",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62698"
},
{
"name": "62640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62640"
},
{
"name": "1032909",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032909"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa90",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"name": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf",
"refsource": "CONFIRM",
"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
},
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"name": "62688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62688"
},
{
"name": "62865",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62865"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"name": "HPSBHF03289",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "APPLE-SA-2015-06-30-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "62812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62812"
},
{
"name": "62879",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62879"
},
{
"name": "HPSBGN03270",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2015-0090.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "62871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62871"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "62690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62690"
},
{
"name": "62692",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62692"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "62681",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62681"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671"
},
{
"name": "SSRT101937",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"name": "SSRT101953",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"name": "62667",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62667"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
},
{
"name": "MDVSA-2015:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
},
{
"name": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1",
"refsource": "CONFIRM",
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"name": "62517",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62517"
},
{
"name": "http://support.apple.com/kb/HT204942",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT204942"
},
{
"name": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/",
"refsource": "CONFIRM",
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"name": "62680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62680"
},
{
"name": "62813",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62813"
},
{
"name": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
},
{
"name": "RHSA-2015:0126",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"name": "62715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62715"
},
{
"name": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"name": "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"name": "HPSBMU03330",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"name": "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jan/111"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"name": "62870",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62870"
},
{
"name": "https://security.netapp.com/advisory/ntap-20150127-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2015-0092.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"name": "DSA-3142",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"name": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability",
"refsource": "MISC",
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"name": "62816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62816"
},
{
"name": "62758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62758"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"name": "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"name": "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"name": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-0235",
"datePublished": "2015-01-28T19:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6246 (GCVE-0-2023-6246)
Vulnerability from cvelistv5
Published
2024-01-31 14:06
Modified
2025-02-13 17:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | glibc | |||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:18.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/5"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6246"
},
{
"name": "RHBZ#2249053",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249053"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240216-0007/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6246",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-09T05:00:28.307432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T17:53:03.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "n/a",
"versions": [
{
"status": "unaffected",
"version": "2.39"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit for reporting this issue."
}
],
"datePublic": "2024-01-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-16T13:05:53.547Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html"
},
{
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/5"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6246"
},
{
"name": "RHBZ#2249053",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249053"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240216-0007/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-06T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-30T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: heap-based buffer overflow in __vsyslog_internal()",
"x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-6246",
"datePublished": "2024-01-31T14:06:21.949Z",
"dateReserved": "2023-11-21T19:14:21.669Z",
"dateUpdated": "2025-02-13T17:26:15.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16997 (GCVE-0-2017-16997)
Vulnerability from cvelistv5
Published
2017-12-18 01:00
Modified
2024-08-05 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- improper RPATH/RUNPATH validation
Summary
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | glibc 2.19 through 2.26 |
Version: glibc 2.19 through 2.26 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625"
},
{
"name": "102228",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/884615"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc 2.19 through 2.26",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "glibc 2.19 through 2.26"
}
]
}
],
"datePublic": "2017-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper RPATH/RUNPATH validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-24T05:06:03",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625"
},
{
"name": "102228",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/884615"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2017-16997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc 2.19 through 2.26",
"version": {
"version_data": [
{
"version_value": "glibc 2.19 through 2.26"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "improper RPATH/RUNPATH validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625"
},
{
"name": "102228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102228"
},
{
"name": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html",
"refsource": "CONFIRM",
"url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html"
},
{
"name": "https://bugs.debian.org/884615",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/884615"
},
{
"name": "RHSA-2018:3092",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2017-16997",
"datePublished": "2017-12-18T01:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4424 (GCVE-0-2012-4424)
Vulnerability from cvelistv5
Published
2013-10-09 22:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "[oss-security] 20130913 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 \u0026\u0026 #14552)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "[oss-security] 20130913 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 \u0026\u0026 #14552)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4424",
"datePublished": "2013-10-09T22:00:00",
"dateReserved": "2012-08-21T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15670 (GCVE-0-2017-15670)
Vulnerability from cvelistv5
Published
2017-10-20 17:00
Modified
2024-08-05 19:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320"
},
{
"name": "101521",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101521"
},
{
"name": "RHSA-2018:1879",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-19T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320"
},
{
"name": "101521",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101521"
},
{
"name": "RHSA-2018:1879",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320"
},
{
"name": "101521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101521"
},
{
"name": "RHSA-2018:1879",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"name": "RHSA-2018:0805",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15670",
"datePublished": "2017-10-20T17:00:00",
"dateReserved": "2017-10-20T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6488 (GCVE-0-2019-6488)
Vulnerability from cvelistv5
Published
2019-01-18 19:00
Modified
2024-08-04 20:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:20.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106671"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202006-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-13T02:06:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "106671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106671"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202006-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6488",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106671"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097"
},
{
"name": "GLSA-202006-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202006-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-6488",
"datePublished": "2019-01-18T19:00:00",
"dateReserved": "2019-01-18T00:00:00",
"dateUpdated": "2024-08-04T20:23:20.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25139 (GCVE-0-2023-25139)
Vulnerability from cvelistv5
Published
2023-02-03 00:00
Modified
2025-03-26 14:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30068"
},
{
"name": "[oss-security] 20230210 CVE-2023-25139: glibc-2.37 sprintf buffer overflow",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/02/10/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230302-0010/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-25139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-26T14:48:30.307657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T14:49:09.815Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30068"
},
{
"name": "[oss-security] 20230210 CVE-2023-25139: glibc-2.37 sprintf buffer overflow",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/02/10/1"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230302-0010/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-25139",
"datePublished": "2023-02-03T00:00:00.000Z",
"dateReserved": "2023-02-03T00:00:00.000Z",
"dateUpdated": "2025-03-26T14:49:09.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8985 (GCVE-0-2015-8985)
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392"
},
{
"name": "76916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76916"
},
{
"name": "GLSA-201908-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-15T17:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392"
},
{
"name": "76916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76916"
},
{
"name": "GLSA-201908-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392"
},
{
"name": "76916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76916"
},
{
"name": "GLSA-201908-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8985",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2017-02-14T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-20796 (GCVE-0-2018-20796)
Vulnerability from cvelistv5
Published
2019-02-26 02:00
Modified
2024-08-05 12:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:12:28.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html"
},
{
"name": "107160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+\u0027 in grep."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T20:06:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html"
},
{
"name": "107160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+\u0027 in grep."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190315-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"name": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html"
},
{
"name": "107160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107160"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141",
"refsource": "MISC",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141"
},
{
"name": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20796",
"datePublished": "2019-02-26T02:00:00",
"dateReserved": "2019-02-25T00:00:00",
"dateUpdated": "2024-08-05T12:12:28.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1265 (GCVE-0-2002-1265)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"name": "oval:org.mitre.oval:def:2248",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248"
},
{
"name": "HPSBUX01020",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1"
},
{
"name": "sun-rpc-libc-dos(10539)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10539.php"
},
{
"name": "6103",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6103"
},
{
"name": "51082",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082"
},
{
"name": "20021103-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P"
},
{
"name": "VU#266817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/266817"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"name": "oval:org.mitre.oval:def:2248",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248"
},
{
"name": "HPSBUX01020",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1"
},
{
"name": "sun-rpc-libc-dos(10539)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10539.php"
},
{
"name": "6103",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6103"
},
{
"name": "51082",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082"
},
{
"name": "20021103-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P"
},
{
"name": "VU#266817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/266817"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.info.apple.com/usen/security/security_updates.html",
"refsource": "CONFIRM",
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"name": "oval:org.mitre.oval:def:2248",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248"
},
{
"name": "HPSBUX01020",
"refsource": "HP",
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1"
},
{
"name": "sun-rpc-libc-dos(10539)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10539.php"
},
{
"name": "6103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6103"
},
{
"name": "51082",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082"
},
{
"name": "20021103-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P"
},
{
"name": "VU#266817",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/266817"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1265",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-11-04T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0242 (GCVE-0-2013-0242)
Vulnerability from cvelistv5
Published
2013-02-08 20:00
Modified
2024-08-06 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:18:09.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"name": "glibc-extendbuffers-dos(81707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81707"
},
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "57638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57638"
},
{
"name": "89747",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/89747"
},
{
"name": "51951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51951"
},
{
"name": "1028063",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028063"
},
{
"name": "[oss-security] 20130130 Re: CVE Request -- glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/30/5"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "[libc-alpha] 20130129 [PATCH] Fix buffer overrun in regexp matcher",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html"
},
{
"name": "RHSA-2013:0769",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"name": "MDVSA-2013:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15078"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"name": "glibc-extendbuffers-dos(81707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81707"
},
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "57638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57638"
},
{
"name": "89747",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/89747"
},
{
"name": "51951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51951"
},
{
"name": "1028063",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028063"
},
{
"name": "[oss-security] 20130130 Re: CVE Request -- glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/01/30/5"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "[libc-alpha] 20130129 [PATCH] Fix buffer overrun in regexp matcher",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html"
},
{
"name": "RHSA-2013:0769",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"name": "MDVSA-2013:163",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15078"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-0242",
"datePublished": "2013-02-08T20:00:00",
"dateReserved": "2012-12-06T00:00:00",
"dateUpdated": "2024-08-06T14:18:09.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27645 (GCVE-0-2021-27645)
Vulnerability from cvelistv5
Published
2021-02-24 00:00
Modified
2025-06-09 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:10.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462"
},
{
"name": "FEDORA-2021-6749bfcfd9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/"
},
{
"name": "FEDORA-2021-2ba993d6c5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-27645",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T14:57:29.856656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "CWE-415 Double Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T14:58:23.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462"
},
{
"name": "FEDORA-2021-6749bfcfd9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/"
},
{
"name": "FEDORA-2021-2ba993d6c5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-27645",
"datePublished": "2021-02-24T00:00:00.000Z",
"dateReserved": "2021-02-24T00:00:00.000Z",
"dateUpdated": "2025-06-09T14:58:23.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1146 (GCVE-0-2002-1146)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2002:535",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000535"
},
{
"name": "RHSA-2003:212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-212.html"
},
{
"name": "RHSA-2002:197",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-197.html"
},
{
"name": "RHSA-2002:258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-258.html"
},
{
"name": "RHSA-2003:022",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-022.html"
},
{
"name": "NetBSD-SA2002-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc"
},
{
"name": "VU#738331",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/738331"
},
{
"name": "MDKSA-2004:009",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009"
},
{
"name": "dns-resolver-lib-read-bo(10295)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10295.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary (\"read buffer overflow\"), allowing remote attackers to cause a denial of service (crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2002:535",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000535"
},
{
"name": "RHSA-2003:212",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-212.html"
},
{
"name": "RHSA-2002:197",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-197.html"
},
{
"name": "RHSA-2002:258",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-258.html"
},
{
"name": "RHSA-2003:022",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-022.html"
},
{
"name": "NetBSD-SA2002-015",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc"
},
{
"name": "VU#738331",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/738331"
},
{
"name": "MDKSA-2004:009",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009"
},
{
"name": "dns-resolver-lib-read-bo(10295)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10295.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary (\"read buffer overflow\"), allowing remote attackers to cause a denial of service (crash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2002:535",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000535"
},
{
"name": "RHSA-2003:212",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-212.html"
},
{
"name": "RHSA-2002:197",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-197.html"
},
{
"name": "RHSA-2002:258",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-258.html"
},
{
"name": "RHSA-2003:022",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-022.html"
},
{
"name": "NetBSD-SA2002-015",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc"
},
{
"name": "VU#738331",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/738331"
},
{
"name": "MDKSA-2004:009",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009"
},
{
"name": "dns-resolver-lib-read-bo(10295)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10295.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1146",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-23T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10029 (GCVE-0-2020-10029)
Vulnerability from cvelistv5
Published
2020-03-04 00:00
Modified
2024-08-04 10:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:50:57.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f"
},
{
"name": "openSUSE-SU-2020:0381",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200327-0003/"
},
{
"name": "FEDORA-2020-444c372453",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/"
},
{
"name": "FEDORA-2020-244efc27af",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/"
},
{
"name": "FEDORA-2020-7f625c5ea8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f"
},
{
"name": "openSUSE-SU-2020:0381",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20200327-0003/"
},
{
"name": "FEDORA-2020-444c372453",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/"
},
{
"name": "FEDORA-2020-244efc27af",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/"
},
{
"name": "FEDORA-2020-7f625c5ea8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/"
},
{
"name": "GLSA-202006-04",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10029",
"datePublished": "2020-03-04T00:00:00",
"dateReserved": "2020-03-04T00:00:00",
"dateUpdated": "2024-08-04T10:50:57.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4412 (GCVE-0-2012-4412)
Vulnerability from cvelistv5
Published
2013-10-09 22:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "[oss-security] 20130907 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 \u0026\u0026 #14552)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-13T20:06:04",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "[oss-security] 20130907 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 \u0026\u0026 #14552)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4412",
"datePublished": "2013-10-09T22:00:00",
"dateReserved": "2012-08-21T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1658 (GCVE-0-2011-1658)
Vulnerability from cvelistv5
Published
2011-04-08 15:00
Modified
2024-08-06 22:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:24.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "gnuclibrary-ldso-priv-esc(66820)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66820"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "gnuclibrary-ldso-priv-esc(66820)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66820"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393",
"refsource": "MISC",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
},
{
"name": "gnuclibrary-ldso-priv-esc(66820)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66820"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667974",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1658",
"datePublished": "2011-04-08T15:00:00",
"dateReserved": "2011-04-08T00:00:00",
"dateUpdated": "2024-08-06T22:37:24.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4880 (GCVE-0-2009-4880)
Vulnerability from cvelistv5
Published
2010-06-01 20:00
Modified
2024-08-07 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:26.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "36443",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36443"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "20090917 glibc x\u003c=2.10.1 stdio/strfmon.c Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/67"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39900"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3"
},
{
"name": "gnuclibrary-strfmon-overflow(59242)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59242"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=524671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "36443",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36443"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "20090917 glibc x\u003c=2.10.1 stdio/strfmon.c Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/67"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39900"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3"
},
{
"name": "gnuclibrary-strfmon-overflow(59242)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59242"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=524671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:111",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "36443",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36443"
},
{
"name": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"name": "20090917 glibc x\u003c=2.10.1 stdio/strfmon.c Multiple Vulnerabilities",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/67"
},
{
"name": "39900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39900"
},
{
"name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=199eb0de8d673fb23aa127721054b4f1803d61f3",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=199eb0de8d673fb23aa127721054b4f1803d61f3"
},
{
"name": "gnuclibrary-strfmon-overflow(59242)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59242"
},
{
"name": "MDVSA-2010:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=524671",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=524671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4880",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-06-01T00:00:00",
"dateUpdated": "2024-08-07T07:17:26.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4788 (GCVE-0-2013-4788)
Vulnerability from cvelistv5
Published
2013-10-04 17:00
Modified
2024-08-06 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:52:27.147Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150907 Glibc Pointer guarding weakness",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/23"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "[oss-security] 20130716 Re: CVE-2013-4788 - Eglibc PTR MANGLE bug",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/9"
},
{
"name": "61183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61183"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hmarco.org/bugs/CVE-2013-4788.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150907 Glibc Pointer guarding weakness",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/23"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "[oss-security] 20130716 Re: CVE-2013-4788 - Eglibc PTR MANGLE bug",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/9"
},
{
"name": "61183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61183"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hmarco.org/bugs/CVE-2013-4788.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4788",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150907 Glibc Pointer guarding weakness",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Sep/23"
},
{
"name": "MDVSA-2013:284",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "[oss-security] 20130716 Re: CVE-2013-4788 - Eglibc PTR MANGLE bug",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/9"
},
{
"name": "61183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61183"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "http://hmarco.org/bugs/CVE-2013-4788.html",
"refsource": "MISC",
"url": "http://hmarco.org/bugs/CVE-2013-4788.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4788",
"datePublished": "2013-10-04T17:00:00",
"dateReserved": "2013-07-10T00:00:00",
"dateUpdated": "2024-08-06T16:52:27.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6040 (GCVE-0-2014-6040)
Vulnerability from cvelistv5
Published
2014-12-05 16:00
Modified
2024-08-06 12:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:03:02.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "69472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-2432-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
},
{
"name": "62100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62100"
},
{
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"name": "62146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/62146"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of \"0xffff\" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "69472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "MDVSA-2014:175",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"name": "[oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"name": "USN-2432-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-2432-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
},
{
"name": "62100",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62100"
},
{
"name": "[oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"name": "62146",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/62146"
},
{
"name": "DSA-3142",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-6040",
"datePublished": "2014-12-05T16:00:00",
"dateReserved": "2014-09-01T00:00:00",
"dateUpdated": "2024-08-06T12:03:02.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38604 (GCVE-0-2021-38604)
Vulnerability from cvelistv5
Published
2021-08-12 15:43
Modified
2025-05-30 19:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213"
},
{
"name": "FEDORA-2021-16dc1f33af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210909-0005/"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-24"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-38604",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T19:18:15.996300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:48:04.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T15:07:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213"
},
{
"name": "FEDORA-2021-16dc1f33af",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210909-0005/"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-24"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8",
"refsource": "MISC",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8"
},
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641",
"refsource": "MISC",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213"
},
{
"name": "FEDORA-2021-16dc1f33af",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc",
"refsource": "MISC",
"url": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210909-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210909-0005/"
},
{
"name": "GLSA-202208-24",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-24"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38604",
"datePublished": "2021-08-12T15:43:34.000Z",
"dateReserved": "2021-08-12T00:00:00.000Z",
"dateUpdated": "2025-05-30T19:48:04.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8121 (GCVE-0-2014-8121)
Vulnerability from cvelistv5
Published
2015-03-27 14:00
Modified
2024-08-06 13:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "[libc-alpha] 20150223 [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
},
{
"name": "RHSA-2015:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0327.html"
},
{
"name": "73038",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73038"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "[libc-alpha] 20150223 [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
},
{
"name": "RHSA-2015:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0327.html"
},
{
"name": "73038",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73038"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-8121",
"datePublished": "2015-03-27T14:00:00",
"dateReserved": "2014-10-10T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4609 (GCVE-0-2011-4609)
Vulnerability from cvelistv5
Published
2013-05-02 14:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:19.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-02T14:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4609",
"datePublished": "2013-05-02T14:00:00Z",
"dateReserved": "2011-11-29T00:00:00Z",
"dateUpdated": "2024-08-07T00:09:19.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1453 (GCVE-0-2004-1453)
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:23.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=59526"
},
{
"name": "GLSA-200408-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "RHSA-2005:256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-256.html"
},
{
"name": "12306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12306"
},
{
"name": "oval:org.mitre.oval:def:10762",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762"
},
{
"name": "glibc-suid-info-disclosure(17006)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17006"
},
{
"name": "10963",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10963"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=59526"
},
{
"name": "GLSA-200408-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml"
},
{
"name": "RHSA-2005:261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "RHSA-2005:256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-256.html"
},
{
"name": "12306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12306"
},
{
"name": "oval:org.mitre.oval:def:10762",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762"
},
{
"name": "glibc-suid-info-disclosure(17006)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17006"
},
{
"name": "10963",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10963"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=59526",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=59526"
},
{
"name": "GLSA-200408-16",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml"
},
{
"name": "RHSA-2005:261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"name": "RHSA-2005:256",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-256.html"
},
{
"name": "12306",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12306"
},
{
"name": "oval:org.mitre.oval:def:10762",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762"
},
{
"name": "glibc-suid-info-disclosure(17006)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17006"
},
{
"name": "10963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10963"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1453",
"datePublished": "2005-02-13T05:00:00",
"dateReserved": "2005-02-13T00:00:00",
"dateUpdated": "2024-08-08T00:53:23.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1473 (GCVE-0-2015-1473)
Vulnerability from cvelistv5
Published
2015-04-08 10:00
Modified
2024-08-06 04:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:47:16.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "72499",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72499"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "72499",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72499"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2519-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"name": "72499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72499"
},
{
"name": "[oss-security] 20150203 Re: CVE request: heap buffer overflow in glibc swscanf",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1473",
"datePublished": "2015-04-08T10:00:00",
"dateReserved": "2015-02-03T00:00:00",
"dateUpdated": "2024-08-06T04:47:16.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1781 (GCVE-0-2015-1781)
Vulnerability from cvelistv5
Published
2015-09-28 20:00
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:15.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "RHSA-2015:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287"
},
{
"name": "1032178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032178"
},
{
"name": "74255",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386"
},
{
"name": "FEDORA-2016-0480defc94",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"name": "RHSA-2015:0863",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287"
},
{
"name": "1032178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032178"
},
{
"name": "74255",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74255"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1781",
"datePublished": "2015-09-28T20:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:15.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7424 (GCVE-0-2013-7424)
Vulnerability from cvelistv5
Published
2015-08-26 19:00
Modified
2024-08-06 18:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:16.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614"
},
{
"name": "[oss-security] 20150129 Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7"
},
{
"name": "RHSA-2015:1627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=981942"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011"
},
{
"name": "72710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614"
},
{
"name": "[oss-security] 20150129 Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7"
},
{
"name": "RHSA-2015:1627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=981942"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011"
},
{
"name": "72710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614"
},
{
"name": "[oss-security] 20150129 Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2e96f1c7",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2e96f1c7"
},
{
"name": "RHSA-2015:1627",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1627.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=981942",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=981942"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011"
},
{
"name": "72710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7424",
"datePublished": "2015-08-26T19:00:00",
"dateReserved": "2015-01-29T00:00:00",
"dateUpdated": "2024-08-06T18:09:16.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9761 (GCVE-0-2014-9761)
Vulnerability from cvelistv5
Published
2016-04-19 21:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/83306"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:06",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/83306"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:0471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "openSUSE-SU-2016:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "SUSE-SU-2016:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "83306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83306"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962"
},
{
"name": "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9761",
"datePublished": "2016-04-19T21:00:00",
"dateReserved": "2016-01-19T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10739 (GCVE-0-2016-10739)
Vulnerability from cvelistv5
Published
2019-01-21 19:00
Modified
2024-08-06 03:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018"
},
{
"name": "106672",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106672"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549"
},
{
"name": "openSUSE-SU-2019:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html"
},
{
"name": "RHSA-2019:2118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2118"
},
{
"name": "RHSA-2019:3513",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3513"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-06T00:07:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018"
},
{
"name": "106672",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106672"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549"
},
{
"name": "openSUSE-SU-2019:1250",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html"
},
{
"name": "RHSA-2019:2118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2118"
},
{
"name": "RHSA-2019:3513",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3513"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10739",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018"
},
{
"name": "106672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106672"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549"
},
{
"name": "openSUSE-SU-2019:1250",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html"
},
{
"name": "RHSA-2019:2118",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2118"
},
{
"name": "RHSA-2019:3513",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3513"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10739",
"datePublished": "2019-01-21T19:00:00",
"dateReserved": "2019-01-21T00:00:00",
"dateUpdated": "2024-08-06T03:30:20.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0687 (GCVE-0-2023-0687)
Vulnerability from cvelistv5
Published
2023-02-06 00:00
Modified
2024-11-25 15:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Overflow
Summary
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?id.220246"
},
{
"tags": [
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.220246"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29444"
},
{
"tags": [
"x_transferred"
],
"url": "https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0687",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T15:41:00.523281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T15:41:37.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "C Library",
"vendor": "GNU",
"versions": [
{
"status": "affected",
"version": "2.38"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled."
},
{
"lang": "de",
"value": "In GNU C Library 2.38 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion __monstartup der Datei gmon.c der Komponente Call Graph Monitor. Durch Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-24T00:00:00",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"url": "https://vuldb.com/?id.220246"
},
{
"url": "https://vuldb.com/?ctiid.220246"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29444"
},
{
"url": "https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2023-0687",
"datePublished": "2023-02-06T00:00:00",
"dateReserved": "2023-02-06T00:00:00",
"dateUpdated": "2024-11-25T15:41:37.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8804 (GCVE-0-2017-8804)
Vulnerability from cvelistv5
Published
2017-05-07 18:00
Modified
2024-08-05 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html"
},
{
"name": "98339",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98339"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/05/2"
},
{
"name": "SUSE-SU-2018:0565",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html"
},
{
"name": "openSUSE-SU-2018:0494",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html"
},
{
"name": "SUSE-SU-2018:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2017/q2/228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-26T13:53:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html"
},
{
"name": "98339",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98339"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/05/2"
},
{
"name": "SUSE-SU-2018:0565",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html"
},
{
"name": "openSUSE-SU-2018:0494",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html"
},
{
"name": "SUSE-SU-2018:0451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/oss-sec/2017/q2/228"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references]"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7"
},
{
"name": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html",
"refsource": "CONFIRM",
"url": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html"
},
{
"name": "98339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98339"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/05/05/2",
"refsource": "CONFIRM",
"url": "http://www.openwall.com/lists/oss-security/2017/05/05/2"
},
{
"name": "SUSE-SU-2018:0565",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html"
},
{
"name": "openSUSE-SU-2018:0494",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html"
},
{
"name": "SUSE-SU-2018:0451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html"
},
{
"name": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html",
"refsource": "MISC",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html"
},
{
"name": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html",
"refsource": "MISC",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html"
},
{
"name": "https://seclists.org/oss-sec/2017/q2/228",
"refsource": "MISC",
"url": "https://seclists.org/oss-sec/2017/q2/228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8804",
"datePublished": "2017-05-07T18:00:00",
"dateReserved": "2017-05-07T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6485 (GCVE-0-2018-6485)
Vulnerability from cvelistv5
Published
2018-02-01 14:00
Modified
2024-08-05 06:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343"
},
{
"name": "102912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102912"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/878159"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343"
},
{
"name": "102912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102912"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/878159"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4218-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343"
},
{
"name": "102912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102912"
},
{
"name": "http://bugs.debian.org/878159",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/878159"
},
{
"name": "RHSA-2018:3092",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4218-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6485",
"datePublished": "2018-02-01T14:00:00",
"dateReserved": "2018-02-01T00:00:00",
"dateUpdated": "2024-08-05T06:01:49.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8983 (GCVE-0-2015-8983)
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33"
},
{
"name": "72740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72740"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-20T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33"
},
{
"name": "72740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72740"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269"
},
{
"name": "[libc-alpha] 20150814 The GNU C Library version 2.22 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bdf1ff052a8e23d637f2c838fa5642d78fcedc33"
},
{
"name": "72740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72740"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8983",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2017-02-14T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1089 (GCVE-0-2011-1089)
Vulnerability from cvelistv5
Published
2011-04-10 01:29
Modified
2024-08-06 22:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "46740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46740"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "MDVSA-2011:179",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "RHSA-2011:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-19T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name": "46740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46740"
},
{
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name": "MDVSA-2011:179",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name": "RHSA-2011:1526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1089",
"datePublished": "2011-04-10T01:29:00",
"dateReserved": "2011-02-24T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010023 (GCVE-0-2019-1010023)
Vulnerability from cvelistv5
Published
2019-07-15 03:09
Modified
2024-08-05 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Re-mapping current loaded libray with malicious ELF file
Summary
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-1010023",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T18:42:21.452782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T18:43:16.622Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
},
{
"name": "109167",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109167"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010023",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"name": "CVE-2019-1010023",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2019-1010023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "GNU Libc",
"versions": [
{
"status": "affected",
"version": "current (At least as of 2018-02-16)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Re-mapping current loaded libray with malicious ELF file",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-16T19:43:22",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
},
{
"name": "109167",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109167"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"name": "CVE-2019-1010023",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"name": "CVE-2019-1010023",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://ubuntu.com/security/CVE-2019-1010023"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glibc",
"version": {
"version_data": [
{
"version_value": "current (At least as of 2018-02-16)"
}
]
}
}
]
},
"vendor_name": "GNU Libc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Re-mapping current loaded libray with malicious ELF file"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
},
{
"name": "109167",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109167"
},
{
"name": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS"
},
{
"name": "CVE-2019-1010023",
"refsource": "DEBIAN",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"name": "CVE-2019-1010023",
"refsource": "UBUNTU",
"url": "https://ubuntu.com/security/CVE-2019-1010023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010023",
"datePublished": "2019-07-15T03:09:37",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4332 (GCVE-0-2013-4332)
Vulnerability from cvelistv5
Published
2013-10-09 22:00
Modified
2024-08-06 16:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "[oss-security] 20130912 Re: CVE Request: Three integer overflows in glibc memory allocator",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/12/6"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "62324",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62324"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2013:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1411.html"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15856"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15855"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1605",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "[oss-security] 20130912 Re: CVE Request: Three integer overflows in glibc memory allocator",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/12/6"
},
{
"name": "MDVSA-2013:284",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "62324",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62324"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "RHSA-2013:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1411.html"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15856"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15855"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4332",
"datePublished": "2013-10-09T22:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0536 (GCVE-0-2011-0536)
Vulnerability from cvelistv5
Published
2011-04-08 15:00
Modified
2024-08-06 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:25.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "[oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/03/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "USN-1009-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1009-2"
},
{
"name": "1025289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025289"
},
{
"name": "DSA-2122-2",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://lists.debian.org/debian-security-announce/2011/msg00005.html"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43830"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "oval:org.mitre.oval:def:13086",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/701783"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699"
},
{
"name": "[oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/02/01/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "46397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46397"
},
{
"name": "RHSA-2011:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"name": "ADV-2011-0863",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"name": "[oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/03/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"name": "43989",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43989"
},
{
"name": "USN-1009-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1009-2"
},
{
"name": "1025289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025289"
},
{
"name": "DSA-2122-2",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://lists.debian.org/debian-security-announce/2011/msg00005.html"
},
{
"name": "MDVSA-2011:178",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"name": "43830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43830"
},
{
"name": "RHSA-2011:0413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "oval:org.mitre.oval:def:13086",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/701783"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699"
},
{
"name": "[oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/02/01/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-0536",
"datePublished": "2011-04-08T15:00:00",
"dateReserved": "2011-01-20T00:00:00",
"dateUpdated": "2024-08-06T21:58:25.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0864 (GCVE-0-2012-0864)
Vulnerability from cvelistv5
Published
2013-05-02 14:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:0531",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
},
{
"name": "52201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52201"
},
{
"name": "RHSA-2012:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0393.html"
},
{
"name": "RHSA-2012:0397",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0397.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e"
},
{
"name": "RHSA-2012:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
},
{
"name": "[libc-alpha] 20120202 [PATCH] vfprintf: validate nargs and positional offsets",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794766"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.phrack.org/issues.html?issue=67\u0026id=9#article"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-02T14:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:0531",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
},
{
"name": "52201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52201"
},
{
"name": "RHSA-2012:0393",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0393.html"
},
{
"name": "RHSA-2012:0397",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0397.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e"
},
{
"name": "RHSA-2012:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
},
{
"name": "[libc-alpha] 20120202 [PATCH] vfprintf: validate nargs and positional offsets",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794766"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.phrack.org/issues.html?issue=67\u0026id=9#article"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0864",
"datePublished": "2013-05-02T14:00:00Z",
"dateReserved": "2012-01-19T00:00:00Z",
"dateUpdated": "2024-08-06T18:38:14.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15804 (GCVE-0-2017-15804)
Vulnerability from cvelistv5
Published
2017-10-22 17:00
Modified
2024-08-05 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:50.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332"
},
{
"name": "RHSA-2018:1879",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"
},
{
"name": "101535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101535"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-19T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332"
},
{
"name": "RHSA-2018:1879",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"
},
{
"name": "101535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101535"
},
{
"name": "RHSA-2018:0805",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332"
},
{
"name": "RHSA-2018:1879",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"
},
{
"name": "101535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101535"
},
{
"name": "RHSA-2018:0805",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15804",
"datePublished": "2017-10-22T17:00:00",
"dateReserved": "2017-10-22T00:00:00",
"dateUpdated": "2024-08-05T20:04:50.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4429 (GCVE-0-2016-4429)
Vulnerability from cvelistv5
Published
2016-06-10 15:00
Modified
2024-08-06 00:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3759-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3759-2/"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "USN-3759-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3759-1/"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "102073",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"name": "[debian-lts-announce] 20200628 [SECURITY] [DLA 2256-1] libtirpc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T22:53:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-3759-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3759-2/"
},
{
"name": "openSUSE-SU-2016:1779",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "USN-3759-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3759-1/"
},
{
"name": "openSUSE-SU-2016:1527",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "102073",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"name": "[debian-lts-announce] 20200628 [SECURITY] [DLA 2256-1] libtirpc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3759-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3759-2/"
},
{
"name": "openSUSE-SU-2016:1779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"name": "USN-3759-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3759-1/"
},
{
"name": "openSUSE-SU-2016:1527",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"name": "102073",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102073"
},
{
"name": "[debian-lts-announce] 20200628 [SECURITY] [DLA 2256-1] libtirpc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112"
},
{
"name": "https://source.android.com/security/bulletin/2017-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4429",
"datePublished": "2016-06-10T15:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:24.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000366 (GCVE-0-2017-1000366)
Vulnerability from cvelistv5
Published
2017-06-19 16:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000366",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"name": "1038712",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038712"
},
{
"name": "42275",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"name": "RHSA-2017:1712",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"name": "https://www.suse.com/security/cve/CVE-2017-1000366/",
"refsource": "CONFIRM",
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"name": "RHSA-2017:1479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"name": "RHSA-2017:1480",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"name": "99127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99127"
},
{
"name": "42276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"name": "https://www.suse.com/support/kb/doc/?id=7020973",
"refsource": "CONFIRM",
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"name": "RHSA-2017:1567",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"name": "42274",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2017-1000366",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"name": "RHSA-2017:1481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"name": "DSA-3887",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"name": "GLSA-201706-19",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000366",
"datePublished": "2017-06-19T16:00:00",
"dateReserved": "2017-06-19T00:00:00",
"dateUpdated": "2024-08-05T22:00:39.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8982 (GCVE-0-2015-8982)
Vulnerability from cvelistv5
Published
2017-03-15 19:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72602",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72602"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed"
},
{
"name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/13/3"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:08:46",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72602",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72602"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed"
},
{
"name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/13/3"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170214 Re: Pending CVE requests for glibc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"name": "72602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72602"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f9e585480ed"
},
{
"name": "[oss-security] 20150213 CVE Requests - glibc overflows (strxfrm)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/13/3"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8982",
"datePublished": "2017-03-15T19:00:00",
"dateReserved": "2017-02-14T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11237 (GCVE-0-2018-11237)
Vulnerability from cvelistv5
Published
2018-05-18 16:00
Modified
2024-08-05 08:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:52.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
},
{
"name": "44750",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44750/"
},
{
"name": "104256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104256"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
},
{
"name": "44750",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44750/"
},
{
"name": "104256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104256"
},
{
"name": "RHSA-2018:3092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
},
{
"name": "44750",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44750/"
},
{
"name": "104256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104256"
},
{
"name": "RHSA-2018:3092",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190329-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190401-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0327",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11237",
"datePublished": "2018-05-18T16:00:00",
"dateReserved": "2018-05-18T00:00:00",
"dateUpdated": "2024-08-05T08:01:52.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4051 (GCVE-0-2010-4051)
Vulnerability from cvelistv5
Published
2011-01-13 18:35
Modified
2024-08-07 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-18T14:06:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42547",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42547"
},
{
"name": "1024832",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024832"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"name": "VU#912279",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"name": "45233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45233"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"name": "http://cxib.net/stuff/proftpd.gnu.c",
"refsource": "MISC",
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"name": "15935",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"name": "8003",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8003"
},
{
"name": "20110107 GNU libc/regcomp(3) Multiple Vulnerabilities",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=645859",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"name": "[guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4051",
"datePublished": "2011-01-13T18:35:00",
"dateReserved": "2010-10-22T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8778 (GCVE-0-2015-8778)
Vulnerability from cvelistv5
Published
2016-04-19 21:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:21.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "83275",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/83275"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:08",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "83275",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/83275"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:0471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240"
},
{
"name": "SUSE-SU-2016:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "DSA-3480",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "83275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83275"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-8778",
"datePublished": "2016-04-19T21:00:00",
"dateReserved": "2016-01-19T00:00:00",
"dateUpdated": "2024-08-06T08:29:21.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8779 (GCVE-0-2015-8779)
Vulnerability from cvelistv5
Published
2016-04-19 21:00
Modified
2024-08-06 08:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:29:22.111Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "82244",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/82244"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-05T01:06:06",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:0471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "82244",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/82244"
},
{
"name": "DSA-3480",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:0471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name": "RHSA-2017:1916",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name": "DSA-3481",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name": "openSUSE-SU-2016:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name": "SUSE-SU-2016:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "RHSA-2017:0680",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name": "SUSE-SU-2016:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name": "SUSE-SU-2016:0473",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name": "82244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82244"
},
{
"name": "DSA-3480",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
},
{
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"name": "20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"name": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-8779",
"datePublished": "2016-04-19T21:00:00",
"dateReserved": "2016-01-19T00:00:00",
"dateUpdated": "2024-08-06T08:29:22.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4237 (GCVE-0-2013-4237)
Vulnerability from cvelistv5
Published
2013-10-09 22:00
Modified
2024-08-06 16:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "[oss-security] 20130812 Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/12/8"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=995839"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3"
},
{
"name": "61729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61729"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14699"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "[oss-security] 20130812 Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/12/8"
},
{
"name": "USN-1991-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=995839"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3"
},
{
"name": "61729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61729"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14699"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4237",
"datePublished": "2013-10-09T22:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-33602 (GCVE-0-2024-33602)
Vulnerability from cvelistv5
Published
2024-05-06 19:22
Modified
2025-02-13 17:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-466 - Return of Pointer Value Outside of Expected Range
Summary
nscd: netgroup cache assumes NSS callback uses in-buffer strings
The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory
when the NSS callback does not store all strings in the provided buffer.
The flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The GNU C Library | glibc |
Version: 2.15 < 2.40 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "gnu",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-33602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T16:09:29.755117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T16:26:29.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:36:04.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0012/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "glibc",
"vendor": "The GNU C Library",
"versions": [
{
"lessThan": "2.40",
"status": "affected",
"version": "2.15",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003enscd: netgroup cache assumes NSS callback uses in-buffer strings\u003cbr\u003e\u003cbr\u003eThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\u003cbr\u003ewhen the NSS callback does not store all strings in the provided buffer.\u003cbr\u003eThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\u003cbr\u003e\u003cbr\u003eThis vulnerability is only present in the nscd binary.\u003c/div\u003e"
}
],
"value": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-466",
"description": "CWE-466 Return of Pointer Value Outside of Expected Range",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:06:04.473Z",
"orgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"shortName": "glibc"
},
"references": [
{
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0012/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "nscd: netgroup cache assumes NSS callback uses in-buffer strings",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"assignerShortName": "glibc",
"cveId": "CVE-2024-33602",
"datePublished": "2024-05-06T19:22:12.383Z",
"dateReserved": "2024-04-24T20:35:08.340Z",
"dateUpdated": "2025-02-13T17:52:21.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6780 (GCVE-0-2023-6780)
Vulnerability from cvelistv5
Published
2024-01-31 14:08
Modified
2025-06-17 21:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-131 - Incorrect Calculation of Buffer Size
Summary
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | glibc | |||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-02-07T17:02:41.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6780"
},
{
"name": "RHBZ#2254396",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254396"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250207-0010/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6780",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-31T16:36:34.378685Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:19.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glibc",
"vendor": "n/a",
"versions": [
{
"status": "unaffected",
"version": "2.39"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "compat-glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "glibc",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://packages.fedoraproject.org/",
"defaultStatus": "affected",
"packageName": "glibc",
"product": "Fedora",
"vendor": "Fedora"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Threat Research Unit for reporting this issue."
}
],
"datePublic": "2024-01-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-26T15:30:47.720Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6780"
},
{
"name": "RHBZ#2254396",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254396"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-08T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-30T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Glibc: integer overflow in __vsyslog_internal()",
"x_redhatCweChain": "CWE-190-\u003eCWE-131: Integer Overflow or Wraparound leads to Incorrect Calculation of Buffer Size"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-6780",
"datePublished": "2024-01-31T14:08:02.610Z",
"dateReserved": "2023-12-13T14:37:40.684Z",
"dateUpdated": "2025-06-17T21:29:19.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3326 (GCVE-0-2021-3326)
Vulnerability from cvelistv5
Published
2021-01-27 00:00
Modified
2025-06-09 15:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888"
},
{
"name": "[oss-security] 20210128 Re: glibc iconv crash with ISO-2022-JP-3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/28/2"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210304-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-3326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T15:17:18.701250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-617",
"description": "CWE-617 Reachable Assertion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T15:18:04.653Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256"
},
{
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888"
},
{
"name": "[oss-security] 20210128 Re: glibc iconv crash with ISO-2022-JP-3",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/28/2"
},
{
"name": "GLSA-202107-07",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210304-0007/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3326",
"datePublished": "2021-01-27T00:00:00.000Z",
"dateReserved": "2021-01-27T00:00:00.000Z",
"dateUpdated": "2025-06-09T15:18:04.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12133 (GCVE-0-2017-12133)
Vulnerability from cvelistv5
Published
2017-09-07 13:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115"
},
{
"name": "100679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/100679"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491"
},
{
"name": "FEDORA-2017-270ab2baa3",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-09T19:06:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115"
},
{
"name": "100679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/100679"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491"
},
{
"name": "FEDORA-2017-270ab2baa3",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/"
},
{
"name": "USN-4416-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115"
},
{
"name": "100679",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/100679"
},
{
"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491",
"refsource": "CONFIRM",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491"
},
{
"name": "FEDORA-2017-270ab2baa3",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/"
},
{
"name": "USN-4416-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4416-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12133",
"datePublished": "2017-09-07T13:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000408 (GCVE-0-2017-1000408)
Vulnerability from cvelistv5
Published
2018-02-01 04:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43331",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"name": "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/27/7"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/1"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-12-05T00:00:00",
"datePublic": "2018-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-28T20:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43331",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"name": "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/27/7"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/1"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-12-05",
"ID": "CVE-2017-1000408",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43331",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"name": "[oss-security] 20171211 Qualys Security Advisory - Buffer overflow in glibc\u0027s ld.so",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"name": "[oss-security] 20190627 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/27/7"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/1"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000408",
"datePublished": "2018-02-01T04:00:00",
"dateReserved": "2017-12-05T00:00:00",
"dateUpdated": "2024-08-05T22:00:41.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-35942 (GCVE-0-2021-35942)
Vulnerability from cvelistv5
Published
2021-07-22 00:00
Modified
2024-08-04 00:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:40:47.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/glibc/wiki/Security%20Exceptions"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011"
},
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0005/"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/glibc/wiki/Security%20Exceptions"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011"
},
{
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210827-0005/"
},
{
"name": "GLSA-202208-24",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"name": "[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-35942",
"datePublished": "2021-07-22T00:00:00",
"dateReserved": "2021-06-29T00:00:00",
"dateUpdated": "2024-08-04T00:40:47.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2207 (GCVE-0-2013-2207)
Vulnerability from cvelistv5
Published
2013-10-09 22:00
Modified
2024-08-06 15:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15755"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"name": "[libc-alpha] 20130812 The GNU C Library version 2.18 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=976408"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15755"
},
{
"name": "55113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55113"
},
{
"name": "SUSE-SU-2015:1424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"name": "[libc-alpha] 20130812 The GNU C Library version 2.18 is now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html"
},
{
"name": "SUSE-SU-2016:0470",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name": "USN-2985-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=976408"
},
{
"name": "GLSA-201503-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "USN-2985-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2207",
"datePublished": "2013-10-09T22:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29573 (GCVE-0-2020-29573)
Vulnerability from cvelistv5
Published
2020-12-05 23:18
Modified
2024-08-04 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-25T02:06:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202101-20"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649"
},
{
"name": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html",
"refsource": "MISC",
"url": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210122-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"name": "GLSA-202101-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202101-20"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29573",
"datePublished": "2020-12-05T23:18:58",
"dateReserved": "2020-12-05T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0830 (GCVE-0-2010-0830)
Vulnerability from cvelistv5
Published
2010-06-01 20:00
Modified
2024-08-07 00:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39900"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "40063",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40063"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "glibc-elf-code-execution(58915)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
},
{
"name": "1024044",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "MDVSA-2010:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "39900",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39900"
},
{
"name": "SUSE-SA:2010:052",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "40063",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40063"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "glibc-elf-code-execution(58915)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
},
{
"name": "1024044",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024044"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-0830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:111",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"name": "GLSA-201011-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"name": "ADV-2010-1246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"name": "USN-944-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"name": "39900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39900"
},
{
"name": "SUSE-SA:2010:052",
"refsource": "SUSE",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"name": "40063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40063"
},
{
"name": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html",
"refsource": "MISC",
"url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
},
{
"name": "http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
},
{
"name": "http://frugalware.org/security/662",
"refsource": "CONFIRM",
"url": "http://frugalware.org/security/662"
},
{
"name": "MDVSA-2010:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"name": "DSA-2058",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"name": "glibc-elf-code-execution(58915)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
},
{
"name": "1024044",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2010-0830",
"datePublished": "2010-06-01T20:00:00",
"dateReserved": "2010-03-03T00:00:00",
"dateUpdated": "2024-08-07T00:59:39.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43396 (GCVE-0-2021-43396)
Vulnerability from cvelistv5
Published
2021-11-04 19:52
Modified
2024-08-04 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:55:28.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T16:23:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-43396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524"
},
{
"name": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ff012870b2c02a62598c04daa1e54632e020fd7d",
"refsource": "MISC",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=ff012870b2c02a62598c04daa1e54632e020fd7d"
},
{
"name": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396",
"refsource": "MISC",
"url": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43396",
"datePublished": "2021-11-04T19:52:49",
"dateReserved": "2021-11-04T00:00:00",
"dateUpdated": "2024-08-04T03:55:28.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-05-02 14:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/ | Exploit | |
| secalert@redhat.com | http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html | ||
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2 | ||
| secalert@redhat.com | http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html | Exploit | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=761245 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=761245 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78E4362C-F0B7-482C-AABD-F34E35ABCE85",
"versionEndIncluding": "2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n __tzfile_read en glibc anterior a v2.15 que permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicios (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero timezone (TZ), como se demostr\u00f3 usando vsftpd."
}
],
"id": "CVE-2009-5029",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-02T14:55:01.380",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=761245"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-02 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cxib.net/stuff/glob-0day.c | Exploit | |
| cve@mitre.org | http://securityreason.com/achievement_securityalert/89 | Exploit | |
| cve@mitre.org | http://securityreason.com/exploitalert/9223 | Exploit | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=681681 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cxib.net/stuff/glob-0day.c | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/achievement_securityalert/89 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/exploitalert/9223 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=681681 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49454811-DF3F-4FF2-93D9-9A95D1D82863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de glob en la librer\u00eda de C de GNU (tambi\u00e9n conocido como glibc o libc6) permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (por CPU y consumo de memoria) a trav\u00e9s de expresiones glob debidamente modificadas que no coinciden con ninguna de los nombres de ruta, como lo demuestran las expresiones glob en los comandos STAT a un demonio de FTP. Se trata de una vulnerabilidad diferente a CVE-2010-2632."
}
],
"id": "CVE-2010-4756",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-02T20:00:01.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://cxib.net/stuff/glob-0day.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/89"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/exploitalert/9223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-13 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cxib.net/stuff/proftpd.gnu.c | Patch | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2011/Jan/78 | Exploit | |
| cve@mitre.org | http://secunia.com/advisories/42547 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/achievement_securityalert/93 | Exploit | |
| cve@mitre.org | http://securityreason.com/securityalert/8003 | Exploit | |
| cve@mitre.org | http://securitytracker.com/id?1024832 | ||
| cve@mitre.org | http://www.exploit-db.com/exploits/15935 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/912279 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/515589/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45233 | Exploit | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=645859 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cxib.net/stuff/proftpd.gnu.c | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2011/Jan/78 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42547 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/achievement_securityalert/93 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8003 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024832 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/15935 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/912279 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/515589/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45233 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=645859 | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD."
},
{
"lang": "es",
"value": "Vulnerabilidad de lconsumo de pila de memoria en la aplicaci\u00f3n regcomp en la Biblioteca de C de GNU (tambi\u00e9n conocido como glibc o libc6) hasta v2.11.3, y v2.12.x hasta v2.12.2, permite a atacantes dependientes de contexto para provocar una denegaci\u00f3n de servicio (agotamiento de recursos) a trav\u00e9s de expresi\u00f3n regular que contiene operadores de repetici\u00f3n adyacentes, como se demuestra con una secuencia {10} {10} {10} {10} en el exploit proftpd.gnu.c para ProFTPD."
}
],
"id": "CVE-2010-4052",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-13T19:00:02.963",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42547"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024832"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-1627.html | Vendor Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/01/29/21 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/72710 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1186614 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=981942 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=18011 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1627.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/01/29/21 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72710 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1186614 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=981942 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18011 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A789ED-8F21-4477-A7E6-5018A4AB15BE",
"versionEndIncluding": "2.14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6."
},
{
"lang": "es",
"value": "Vulnerabilidad en la funci\u00f3n getaddrinfo en glibc en versiones anteriores a 2.15, cuando es compilado con libidn y es utilizado el indicador AI_IDN, permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (liberaci\u00f3n de memoria no v\u00e1lida) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, seg\u00fan lo demostrado en un nombre de dominio internacionalizado para ping6."
}
],
"id": "CVE-2013-7424",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-08-26T19:59:00.110",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1627.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72710"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=981942"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=981942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2e96f1c7"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-19 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/19/11 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/83306 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=16962 | ||
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/19/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/83306 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=16962 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | linux_enterprise_debuginfo | 11.0 | |
| suse | linux_enterprise_debuginfo | 11.0 | |
| suse | linux_enterprise_debuginfo | 11.0 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 11.0 | |
| suse | linux_enterprise_desktop | 11.0 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11.0 | |
| suse | linux_enterprise_software_development_kit | 11.0 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| fedoraproject | fedora | 23 | |
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1FADFCB2-7D70-4778-9199-516E667177C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "174A8501-CFE4-430E-BB1F-DDF89F94A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "480C8C21-8DA3-4EF2-8BCF-7CED031A3B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "1F33821F-22ED-4B6A-B70B-D38EDA658EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "10F15C47-008C-4FFC-980B-A14E176C1F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:lts:*:*:*",
"matchCriteriaId": "380DDE38-767C-455A-8474-29BF32D66D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "01E21741-9D7D-42DD-B70D-5FD3053DE780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "FD3677E0-7423-452A-8C1E-A20C5CC34CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D5BAC17C-EF31-4E94-9020-47B781AD94B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "ACC73EF8-7AD9-4113-9E3F-C93AF818CEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "51FA1B64-D002-41CC-908F-3798122ACD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E32895-9C7B-4DE8-9BB5-0177406EB761",
"versionEndIncluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer basado en pila en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbirario a trav\u00e9s de un argumento largo en la funci\u00f3n (1) nan, (2) nanf o (3) nanl."
}
],
"id": "CVE-2014-9761",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-19T21:59:00.113",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/83306"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/83306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-22 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/101535 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:1879 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22332 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1879 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22332 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495E9424-0BBA-4820-B793-031DDAC80417",
"versionEndIncluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator."
},
{
"lang": "es",
"value": "La funci\u00f3n glob en glob.c en la biblioteca GNU C (tambi\u00e9n llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un desbordamiento de b\u00fafer durante la eliminaci\u00f3n del escape de nombres de usuario con el operador ~."
}
],
"id": "CVE-2017-15804",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-22T20:29:02.290",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/101535"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-18 01:29
Modified
2025-04-20 01:37
Severity ?
Summary
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://www.securityfocus.com/bid/102228 | Third Party Advisory, VDB Entry | |
| security@debian.org | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| security@debian.org | https://access.redhat.com/errata/RHSA-2018:3092 | Third Party Advisory | |
| security@debian.org | https://bugs.debian.org/884615 | Issue Tracking, Mailing List, Patch, Third Party Advisory | |
| security@debian.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22625 | Issue Tracking, Patch, Third Party Advisory | |
| security@debian.org | https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102228 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3092 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.debian.org/884615 | Issue Tracking, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22625 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html | Issue Tracking, Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "1829B291-7B55-4B4A-9CA4-8784932935B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D625EEF2-DB23-4DFE-AF1C-BEE2DD38C54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "47C2E388-06A8-4AD0-9511-749FD10D2936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB1928D-6A44-4B2D-A9BB-4656AF47317B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32938018-220F-4444-984C-2D0CACFAAD04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "36AD162E-4C9C-48A5-B2BF-9C0B4BDD5822",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1B17E4-66FB-48F1-A417-2B502955257A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution."
},
{
"lang": "es",
"value": "elf/dl-load.c en la biblioteca GNU C (tambi\u00e9n llamada glibc o libc6) desde la versi\u00f3n 2.19 hasta la 2.26 manipula incorrectamente RPATH y RUNPATH que contienen $ORIGIN para un programa privilegiado (setuid o AT_SECURE), lo que permite que los usuarios locales obtengan privilegios mediante una librer\u00eda con malware troyano en el directorio actual. Esto est\u00e1 relacionado con las funciones fillin_rpath y decompose_rpath. Esto se asocia con la interpretaci\u00f3n incorrecta de un token RPATH/RUNPATH vac\u00edo como el directorio \"./\". NOTA: esta configuraci\u00f3n de RPATH/RUNPATH para un programa privilegiado es aparentemente muy poco com\u00fan. Lo m\u00e1s probable es que este programa no se provea con una distribuci\u00f3n de Linux com\u00fan."
}
],
"id": "CVE-2017-16997",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-18T01:29:00.190",
"references": [
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102228"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/884615"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/884615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-06 00:15
Modified
2024-11-21 05:24
Severity ?
Summary
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210122-0004/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=26649 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210122-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=26649 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | enterprise_linux | 7.0 | |
| netapp | cloud_backup | - | |
| netapp | solidfire_baseboard_management_controller | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "259FD5B6-25C2-46CB-8934-EDAA7E0F9549",
"versionEndExcluding": "2.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of \"Fixed for glibc 2.33\" in the 26649 reference."
},
{
"lang": "es",
"value": "El archivo sysdeps/i386/ldbl2mpn.c en la GNU C Library (tambi\u00e9n se conoce como glibc o libc6) versiones anteriores a 2.23 en objetivos x86 presenta un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria si la entrada a cualquiera de la familia funciones printf es un doble longitud de 80 bits con un patr\u00f3n de bits no can\u00f3nico, como se ve al pasar un valor \\x00\\x04\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04 a sprintf. NOTA: la cuesti\u00f3n no afecta a la glibc por defecto en 2016 o m\u00e1s tarde (es decir, 2,23 o m\u00e1s tarde), debido a los compromisos contra\u00eddos en 2015 para alinear las funciones matem\u00e1ticas del C99 mediante el uso de los elementos incorporados del GCC. En otras palabras, la referencia a 2.23 es intencional a pesar de la menci\u00f3n de \"Fijado para glibc 2.33\" en la referencia 26649"
}
],
"id": "CVE-2020-29573",
"lastModified": "2024-11-21T05:24:14.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-06T00:15:11.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=109899903129801&w=2 | ||
| cve@mitre.org | http://www.debian.org/security/2005/dsa-636 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2004:159 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-261.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=109899903129801&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-636 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2004:159 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-261.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968."
}
],
"id": "CVE-2004-1382",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109899903129801\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:159"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109899903129801\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-01 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| cve@mitre.org | http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600 | ||
| cve@mitre.org | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f | ||
| cve@mitre.org | http://www.debian.org/security/2010/dsa-2058 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/59241 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/59241 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C46C4F2-7B52-43A2-AB05-701C60EA4817",
"versionEndIncluding": "2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n \"__vstrfmon_l\" de \"tdlib/strfmon_l.c\" en la implementaci\u00f3n \"strfmon\" en la Librer\u00eda C GNU (tambi\u00e9n conocida como glibc or libc6) anteriores a v2.10.1 permite a atacantes locales o remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una cadena con formato manipulado, como se demostr\u00f3 con la cadena %99999999999999999999n, relacionada con CVE-2008-1391."
}
],
"id": "CVE-2009-4881",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-01T20:30:02.727",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"source": "cve@mitre.org",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=153aa31b93be22e01b236375fb02a9f9b9a0195f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59241"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-13 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://cxib.net/stuff/proftpd.gnu.c | Patch | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2011/Jan/78 | Exploit | |
| cve@mitre.org | http://secunia.com/advisories/42547 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/achievement_securityalert/93 | Exploit | |
| cve@mitre.org | http://securityreason.com/securityalert/8003 | Exploit | |
| cve@mitre.org | http://securitytracker.com/id?1024832 | ||
| cve@mitre.org | http://www.exploit-db.com/exploits/15935 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/912279 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/515589/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45233 | Exploit | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=645859 | Exploit | |
| cve@mitre.org | https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cxib.net/stuff/proftpd.gnu.c | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2011/Jan/78 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42547 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/achievement_securityalert/93 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8003 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024832 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/15935 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/912279 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/515589/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45233 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=645859 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\""
},
{
"lang": "es",
"value": "La implementaci\u00f3n de regcomp en la librer\u00eda de C de GNU (tambi\u00e9n conocido como glibc o libc6) desde v2.11.3 y v2.12.x hasta v2.12.2, permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una expresi\u00f3n regular que contiene repeticiones delimitadas adjacentes que pretenden evitar la limitaci\u00f3n RE_DUP_MAX, como se demuestra mediante la secuencia {10} {10} {10} {10} {10} en el exploit proftpd.gnu.c para ProFTPD, relacionado con un desbordamiento de \"RE_DUP_MAX\"."
}
],
"id": "CVE-2010-4051",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-13T19:00:02.900",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42547"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024832"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cxib.net/stuff/proftpd.gnu.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Jan/78"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/93"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/8003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/15935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/912279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515589/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-18 16:29
Modified
2024-11-21 03:42
Severity ?
Summary
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104256 | Broken Link | |
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3092 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190329-0001/ | Broken Link | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190401-0001/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=23196 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/44750/ | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104256 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3092 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190329-0001/ | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190401-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=23196 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44750/ | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | communications_session_border_controller | 8.0.0 | |
| oracle | communications_session_border_controller | 8.1.0 | |
| oracle | communications_session_border_controller | 8.2.0 | |
| oracle | enterprise_communications_broker | 3.0.0 | |
| oracle | enterprise_communications_broker | 3.1.0 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software_management | - | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D63BD8-48E5-437B-AD45-F7EE4AD52EE0",
"versionEndIncluding": "2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4AF039-F3B6-45EB-A87E-8BCCF822AE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "404A4EE8-6572-4B35-8C6A-A3CB8F1308A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C9CFFB-0F3A-4E59-B6C9-9C8A20BB9B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C65C3-1B17-4362-A99C-59583081A24D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E63EEA7-05AB-4B1C-9061-AF357566DCDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper."
},
{
"lang": "es",
"value": "Una implementaci\u00f3n optimizada para AVX-512 de la funci\u00f3n mempcpy en GNU C Library (tambi\u00e9n conocido como glibc o libc6), en versiones 2.27 y anteriores, podr\u00eda escribir datos m\u00e1s all\u00e1 del b\u00fafer objetivo, lo que desemboca en un desbordamiento de b\u00fafer en __mempcpy_avx512_no_vzeroupper."
}
],
"id": "CVE-2018-11237",
"lastModified": "2024-11-21T03:42:58.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-18T16:29:00.417",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104256"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44750/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/104256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44750/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-04 07:15
Modified
2025-06-09 16:15
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210122-0004/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=26923 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210122-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=26923 | Exploit, Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 32 | |
| netapp | e-series_santricity_os_controller | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CBCC2E-045F-4217-9D45-A862087B4F43",
"versionEndIncluding": "2.32",
"versionStartIncluding": "2.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1E9594-C46F-40D1-8BC2-6B16635B55C4",
"versionEndIncluding": "11.60.3",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service."
},
{
"lang": "es",
"value": "La funci\u00f3n iconv en la GNU C Library (tambi\u00e9n se conoce como glibc o libc6) versiones 2.30 hasta 2.32, al convertir texto UCS4 que contiene un car\u00e1cter irreversible, se comete un fallo en una aserci\u00f3n en la ruta del c\u00f3digo y aborta el programa, lo que potencialmente resulta en una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2020-29562",
"lastModified": "2025-06-09T16:15:32.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-12-04T07:15:11.003",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210122-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-18 17:15
Modified
2025-04-30 20:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHBA-2024:2413 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:7409 | ||
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-4806 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2237782 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:7409 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-4806 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2237782 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-03 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240125-0008/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.33 | |
| redhat | codeready_linux_builder_eus | 9.2 | |
| redhat | codeready_linux_builder_eus_for_power_little_endian | 9.0_ppc64le | |
| redhat | codeready_linux_builder_eus_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | codeready_linux_builder_for_arm64 | 9.0_aarch64 | |
| redhat | codeready_linux_builder_for_arm64_eus | 9.2_aarch64 | |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.0_s390x | |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.2_s390x | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.8 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_for_arm_64 | 9.0_aarch64 | |
| redhat | enterprise_linux_for_arm_64_eus | 9.2_aarch64 | |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 8.8_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus_s390x | 9.2 | |
| redhat | enterprise_linux_for_ibm_z_systems_s390x | 9.2 | |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian | 9.2_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 8.8_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.2_ppc64le | |
| redhat | enterprise_linux_tus | 8.8 | |
| fedoraproject | fedora | 37 | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "1754FEE6-54B9-4367-BE30-D98FD3B32FF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "936B046D-ADEB-4701-8957-AC28CFA9C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "98638583-9933-42F2-964E-7F8E7CF36918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "056DABF5-0C1D-4EBA-B02B-443BACB20D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "910C9542-26FC-4635-9351-128727971830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "09AAD850-019A-46B8-A5A1-845DE048D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3C5EAE-267F-410F-8AFA-8F5B68A9E617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "86034E5B-BCDD-4AFD-A460-38E790F608F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "9A879F9F-F087-45D4-BD65-2990276477D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1F902F-1AD5-489F-B420-A3574D1880B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAC443B-622E-49FB-8C0F-2864B7EF5F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "ED521457-498F-4E43-B714-9A3F2C3CD09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F91F9255-4EE1-43C7-8831-D2B6C228BFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "22D28543-C7C5-46B0-B909-20435AF7A501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en glibc. En una situaci\u00f3n extremadamente rara, la funci\u00f3n getaddrinfo puede acceder a la memoria que se ha liberado, lo que provoca un bloqueo de la aplicaci\u00f3n. Este problema solo se puede explotar cuando un m\u00f3dulo NSS implementa solo los hooks _nss_*_gethostbyname2_r y _nss_*_getcanonname_r sin implementar el hook _nss_*_gethostbyname3_r. El nombre resuelto debe devolver una gran cantidad de direcciones IPv6 e IPv4, y la llamada a la funci\u00f3n getaddrinfo debe tener la familia de direcciones AF_INET6 con AI_CANONNAME, AI_ALL y AI_V4MAPPED como indicadores."
}
],
"id": "CVE-2023-4806",
"lastModified": "2025-04-30T20:15:19.963",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-18T17:15:55.813",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4806"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240125-0008/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-06 20:15
Modified
2025-06-18 14:56
Severity ?
Summary
nscd: Stack-based buffer overflow in netgroup cache
If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
by client requests then a subsequent client request for netgroup data
may result in a stack-based buffer overflow. This flaw was introduced
in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://security.netapp.com/advisory/ntap-20240524-0011/ | Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240524-0011/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 10.0 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | hci_bootstrap_os | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D95E16DA-1F17-4B1B-B231-7A4DEDA8C7BA",
"versionEndExcluding": "2.40",
"versionStartIncluding": "2.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
},
{
"lang": "es",
"value": "nscd: desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la cach\u00e9 de netgroup Si la cach\u00e9 de tama\u00f1o fijo del daemon de cach\u00e9 del servicio de nombres (nscd) se agota debido a las solicitudes de los clientes, una solicitud posterior del cliente de datos de netgroup puede provocar un desbordamiento del b\u00fafer basado en la pila. Esta falla se introdujo en glibc 2.15 cuando se agreg\u00f3 el cach\u00e9 a nscd. Esta vulnerabilidad s\u00f3lo est\u00e1 presente en el binario nscd."
}
],
"id": "CVE-2024-33599",
"lastModified": "2025-06-18T14:56:01.037",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-05-06T20:15:11.437",
"references": [
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0011/"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0011/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005"
}
],
"sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-29 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://linux.oracle.com/errata/ELSA-2015-0092.html | ||
| security@debian.org | http://www.debian.org/security/2014/dsa-2976 | ||
| security@debian.org | http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/10/7 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2014/07/14/6 | ||
| security@debian.org | http://www.securityfocus.com/bid/68505 | ||
| security@debian.org | http://www.securitytracker.com/id/1030569 | ||
| security@debian.org | https://rhn.redhat.com/errata/RHSA-2014-1110.html | ||
| security@debian.org | https://security.gentoo.org/glsa/201602-02 | ||
| security@debian.org | https://sourceware.org/bugzilla/show_bug.cgi?id=17137 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0092.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-2976 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/10/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/14/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68505 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030569 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2014-1110.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17137 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 | |
| gnu | glibc | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8",
"versionEndIncluding": "2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5491CD-F3D6-4B09-AE44-62285F6B462A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en GNU C Library (tambi\u00e9n conocido como glibc or libc6) anterior a 2.20 permiten a atacantes dependientes de contexto evadir las restricciones ForceCommand y posiblemente tener otro impacto no especificado a trav\u00e9s de un .. (punto punto) en una variable (1) LC_*, (2) LANG o otra variable del entorno local."
}
],
"id": "CVE-2014-0475",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-29T14:55:05.077",
"references": [
{
"source": "security@debian.org",
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2014/dsa-2976"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/10/7"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/6"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/68505"
},
{
"source": "security@debian.org",
"url": "http://www.securitytracker.com/id/1030569"
},
{
"source": "security@debian.org",
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "security@debian.org",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/10/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17137"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-04 18:15
Modified
2025-06-09 16:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210205-0004/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=24973 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210205-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=24973 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | service_processor | - | |
| broadcom | fabric_operating_system | - | |
| netapp | a250_firmware | - | |
| netapp | a250 | - | |
| netapp | 500f_firmware | - | |
| netapp | 500f | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D747200-4C8A-4BAE-9818-BD1458253D8F",
"versionEndIncluding": "2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "146A767F-DC04-454B-9913-17D3A2B5AAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046FB51E-B768-44D3-AEB5-D857145CA840",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1236B66D-EB11-4324-929F-E2B86683C3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "281DFC67-46BB-4FC2-BE03-3C65C9311F65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF32BB1-9A58-4821-AE49-5D5C8200631F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21DE67F-CDFD-4D36-9967-633CD0240C6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read."
},
{
"lang": "es",
"value": "La funcionalidad iconv en la biblioteca GNU C (tambi\u00e9n se conoce como glibc o libc6) versiones hasta 2.32, cuando se procesan secuencias de entrada multibyte no v\u00e1lidas en la codificaci\u00f3n EUC-KR, puede tener una lectura excesiva del b\u00fafer."
}
],
"id": "CVE-2019-25013",
"lastModified": "2025-06-09T16:15:30.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-01-04T18:15:13.027",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210205-0004/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210205-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-12 22:15
Modified
2025-04-30 20:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHBA-2024:2413 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:7409 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-4813 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2237798 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:7409 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-4813 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2237798 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20231110-0003/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.8 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_for_ibm_z_systems_eus_s390x | 9.2 | |
| redhat | enterprise_linux_for_ibm_z_systems_s390x | 9.2 | |
| redhat | enterprise_linux_for_power_little_endian | 9.2_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_tus | 8.8 | |
| fedoraproject | fedora | 38 | |
| netapp | active_iq_unified_manager | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "467030AA-C1F8-46BE-ACC1-9B6A737DC39D",
"versionEndExcluding": "2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1F902F-1AD5-489F-B420-A3574D1880B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAC443B-622E-49FB-8C0F-2864B7EF5F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "ED521457-498F-4E43-B714-9A3F2C3CD09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en glibc. En una situaci\u00f3n poco com\u00fan, la funci\u00f3n gaih_inet puede utilizar memoria que se ha liberado, lo que provoca un bloqueo de la aplicaci\u00f3n. Este problema solo se puede explotar cuando se llama a la funci\u00f3n getaddrinfo y la base de datos de hosts en /etc/nsswitch.conf est\u00e1 configurada con SUCCESS=continue o SUCCESS=merge."
}
],
"id": "CVE-2023-4813",
"lastModified": "2025-04-30T20:15:20.147",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-12T22:15:08.277",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4813"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20231110-0003/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-28 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ | Third Party Advisory | |
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0090.html | Third Party Advisory | |
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0092.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142296726407499&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142721102728110&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142721102728110&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142722450701342&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142781412222323&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=142781412222323&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=143145428124857&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-0126.html | Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2015/Jan/111 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2021/Sep/0 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2022/Jun/36 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/oss-sec/2015/q1/269 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/oss-sec/2015/q1/274 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/62517 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62640 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62667 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62680 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62681 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62688 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62690 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62691 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62692 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62698 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62715 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62758 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62812 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62813 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62816 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62865 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62870 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62871 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62879 | Not Applicable | |
| secalert@redhat.com | http://secunia.com/advisories/62883 | Not Applicable | |
| secalert@redhat.com | http://support.apple.com/kb/HT204942 | Third Party Advisory | |
| secalert@redhat.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21695695 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21695774 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21695835 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21695860 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696131 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696243 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696526 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696600 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696602 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21696618 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3142 | Third Party Advisory | |
| secalert@redhat.com | http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf | Broken Link, URL Repurposed | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2021/05/04/7 | Exploit, Mailing List | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/534845/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/72325 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/91787 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1032909 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 | Broken Link, Permissions Required | |
| secalert@redhat.com | https://bto.bluecoat.com/security-advisory/sa90 | Third Party Advisory | |
| secalert@redhat.com | https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf | Third Party Advisory | |
| secalert@redhat.com | https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability | Third Party Advisory | |
| secalert@redhat.com | https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 | Third Party Advisory | |
| secalert@redhat.com | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | Third Party Advisory | |
| secalert@redhat.com | https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 | Third Party Advisory | |
| secalert@redhat.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10100 | Third Party Advisory | |
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20150127-0001/ | Third Party Advisory | |
| secalert@redhat.com | https://support.apple.com/HT205267 | Third Party Advisory | |
| secalert@redhat.com | https://support.apple.com/HT205375 | Third Party Advisory | |
| secalert@redhat.com | https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 | Third Party Advisory | |
| secalert@redhat.com | https://www.f-secure.com/en/web/labs_global/fsc-2015-1 | Third Party Advisory | |
| secalert@redhat.com | https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt | Third Party Advisory | |
| secalert@redhat.com | https://www.sophos.com/en-us/support/knowledgebase/121879.aspx | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0090.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0092.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142296726407499&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142721102728110&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142721102728110&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142722450701342&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142781412222323&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=142781412222323&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=143145428124857&w=2 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0126.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2015/Jan/111 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Sep/0 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Jun/36 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2015/q1/269 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2015/q1/274 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62517 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62640 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62667 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62680 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62681 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62688 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62690 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62691 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62692 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62698 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62715 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62758 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62812 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62813 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62816 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62865 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62870 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62871 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62879 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62883 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT204942 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21695695 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21695774 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21695835 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21695860 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696131 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696243 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696526 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696600 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696602 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21696618 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3142 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:039 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/05/04/7 | Exploit, Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/534845/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72325 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91787 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032909 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 | Broken Link, Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bto.bluecoat.com/security-advisory/sa90 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10100 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20150127-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205267 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205375 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.f-secure.com/en/web/labs_global/fsc-2015-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sophos.com/en-us/support/knowledgebase/121879.aspx | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| oracle | communications_application_session_controller | * | |
| oracle | communications_eagle_application_processor | 16.0 | |
| oracle | communications_eagle_lnp_application_processor | 10.0 | |
| oracle | communications_lsms | 13.1 | |
| oracle | communications_policy_management | 9.7.3 | |
| oracle | communications_policy_management | 9.9.1 | |
| oracle | communications_policy_management | 10.4.1 | |
| oracle | communications_policy_management | 11.5 | |
| oracle | communications_policy_management | 12.1.1 | |
| oracle | communications_session_border_controller | * | |
| oracle | communications_session_border_controller | 7.2.0 | |
| oracle | communications_session_border_controller | 8.0.0 | |
| oracle | communications_user_data_repository | * | |
| oracle | communications_webrtc_session_controller | 7.0 | |
| oracle | communications_webrtc_session_controller | 7.1 | |
| oracle | communications_webrtc_session_controller | 7.2 | |
| oracle | exalogic_infrastructure | 1.0 | |
| oracle | exalogic_infrastructure | 2.0 | |
| oracle | vm_virtualbox | * | |
| oracle | linux | 5 | |
| oracle | linux | 7 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| redhat | virtualization | 6.0 | |
| apple | mac_os_x | * | |
| ibm | pureapplication_system | 1.0.0.0 | |
| ibm | pureapplication_system | 1.1.0.0 | |
| ibm | pureapplication_system | 2.0.0.0 | |
| ibm | security_access_manager_for_enterprise_single_sign-on | 8.2 | |
| php | php | * | |
| php | php | * | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66C0FCBE-FCED-4169-AEED-E70F5B34094D",
"versionEndExcluding": "2.18",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03E73D34-9239-46F7-9E98-4132964B2CD8",
"versionEndExcluding": "3.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FDB6EE-EC5D-44F2-AEA0-0B605D5C6742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D195BC4C-DAC2-4C71-B83B-4149E86B5F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E14AECDA-5C63-40F0-81FF-17BBFA487577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFEA80F-FC5D-4DAA-8810-3C26F6D8377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1B1DA1-CB11-42D6-9F28-C1588A7A7D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F696923E-E5AB-4473-B404-A6CCB33B6DB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6234C878-15CE-4B71-B825-DA088554A2FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE69A446-E765-4141-83F6-B58EA7E3783A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A5042B-79F8-4A86-996A-F56B925AAA05",
"versionEndExcluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1F38C38F-5669-448C-9566-783BEC7AB04B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D37A84E-1FC0-43B2-A8E5-A8E3B26EF0E0",
"versionEndIncluding": "10.0.1",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDB5ADE-F4DF-4054-8628-5EF6C5DB864B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59C4F882-5B42-43E6-9CCC-D2AB23117A7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D70580AD-2134-49D3-BE15-020023A10E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90F6AEA6-D52A-4655-9B89-CE5F8AA21E95",
"versionEndExcluding": "5.1.24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*",
"matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37BA55FC-D350-4DEB-9802-40AF59C99E79",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC5E0720-43A6-4E46-83B2-A9C228824AB3",
"versionEndExcluding": "10.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D7AB60B-E38B-42C7-B785-D9520C1F5564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D657332-C9B9-4E7B-89D9-5AEF3501141A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18430B37-84B3-4B88-A256-7BE9B48A3A52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82D9C83C-2968-4C63-851D-AE8DBEF02296",
"versionEndExcluding": "5.4.38",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B70DA5B9-36FC-44F1-A372-4A736D1CB043",
"versionEndExcluding": "5.5.22",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E88B9450-0A63-4FEA-98FE-AE92F7E54AA9",
"versionEndExcluding": "5.6.6",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\""
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n __nss_hostname_digits_dots en glibc 2.2, y otras versiones 2.x anteriores a 2.18, permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con la funci\u00edn (1) gethostbyname o (2) gethostbyname2, tambi\u00e9n conocido como \u0027GHOST.\u0027"
}
],
"id": "CVE-2015-0235",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-28T19:59:00.063",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/111"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62640"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62667"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62680"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62681"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62688"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62690"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62691"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62692"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62698"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62715"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62758"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62812"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62813"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62816"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62865"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62870"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62871"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62879"
},
{
"source": "secalert@redhat.com",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62883"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72325"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032909"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Permissions Required"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205375"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142296726407499\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142721102728110\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142722450701342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=142781412222323\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=143145428124857\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2015/q1/269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2015/q1/274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/62883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT204942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"URL Repurposed"
],
"url": "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/04/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Permissions Required"
],
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa90"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20150127-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-06 20:15
Modified
2025-08-01 01:56
Severity ?
Summary
nscd: netgroup cache may terminate daemon on memory allocation failure
The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or
xrealloc and these functions may terminate the process due to a memory
allocation failure resulting in a denial of service to the clients. The
flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://security.netapp.com/advisory/ntap-20240524-0014/ | Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240524-0014/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 10.0 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | h610c_firmware | - | |
| netapp | h610c | - | |
| netapp | h615c_firmware | - | |
| netapp | h615c | - | |
| netapp | h610s_firmware | - | |
| netapp | h610s | - | |
| netapp | hci_bootstrap_os | - | |
| netapp | hci_compute_node | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D95E16DA-1F17-4B1B-B231-7A4DEDA8C7BA",
"versionEndExcluding": "2.40",
"versionStartIncluding": "2.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
},
{
"lang": "es",
"value": "nscd: la cach\u00e9 de netgroup puede terminar el daemon ante una falla en la asignaci\u00f3n de memoria La cach\u00e9 de netgroup del daemon de cach\u00e9 del servicio de nombres (nscd) usa xmalloc o xrealloc y estas funciones pueden terminar el proceso debido a una falla en la asignaci\u00f3n de memoria que resulta en una denegaci\u00f3n de servicio a los clientes. La falla se introdujo en glibc 2.15 cuando se agreg\u00f3 el cach\u00e9 a nscd. Esta vulnerabilidad s\u00f3lo est\u00e1 presente en el binario nscd."
}
],
"id": "CVE-2024-33601",
"lastModified": "2025-08-01T01:56:26.467",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-05-06T20:15:11.603",
"references": [
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0014/"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0014/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007"
}
],
"sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-09 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=14547 | Exploit, Patch | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/09/13/16 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=858238 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=14547 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/09/13/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=858238 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EA2A91-4CBF-4AF4-9776-BF9EFDA67CDF",
"versionEndIncluding": "2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basada en la pila en string/strcoll_l.c en GNU C Library (aka glibc o libc6) 2.17 y anteriores que permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) o posible ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s de una cadena larga que provoca un fallo del malloc y el uso de la funci\u00f3n alloca."
}
],
"id": "CVE-2012-4424",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-09T22:55:02.587",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-19 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3887 | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/99127 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1038712 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1479 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1480 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1481 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1567 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2017:1712 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/security/cve/CVE-2017-1000366 | Third Party Advisory | |
| cve@mitre.org | https://kc.mcafee.com/corporate/index?page=content&id=SB10205 | Patch, Third Party Advisory | |
| cve@mitre.org | https://seclists.org/bugtraq/2019/Sep/7 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201706-19 | Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/42274/ | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/42275/ | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/42276/ | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Technical Description, Third Party Advisory | |
| cve@mitre.org | https://www.suse.com/security/cve/CVE-2017-1000366/ | Third Party Advisory | |
| cve@mitre.org | https://www.suse.com/support/kb/doc/?id=7020973 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3887 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99127 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038712 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1479 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1480 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1481 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1567 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1712 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2017-1000366 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10205 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-19 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42274/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42275/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/42276/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.suse.com/security/cve/CVE-2017-1000366/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.suse.com/support/kb/doc/?id=7020973 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 6.6 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 5.9 | |
| redhat | enterprise_linux_server_aus | 6.2 | |
| redhat | enterprise_linux_server_aus | 6.4 | |
| redhat | enterprise_linux_server_aus | 6.5 | |
| redhat | enterprise_linux_server_aus | 6.6 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 6.2 | |
| redhat | enterprise_linux_server_eus | 6.5 | |
| redhat | enterprise_linux_server_eus | 6.7 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_long_life | 5.9 | |
| redhat | enterprise_linux_server_tus | 6.5 | |
| redhat | enterprise_linux_server_tus | 6.6 | |
| redhat | enterprise_linux_server_tus | 7.2 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| openstack | cloud_magnum_orchestration | 7 | |
| novell | suse_linux_enterprise_desktop | 12.0 | |
| novell | suse_linux_enterprise_point_of_sale | 11.0 | |
| novell | suse_linux_enterprise_server | 11.0 | |
| opensuse | leap | 42.2 | |
| suse | linux_enterprise_for_sap | 12 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server_for_raspberry_pi | 12 | |
| suse | linux_enterprise_software_development_kit | 11.0 | |
| suse | linux_enterprise_software_development_kit | 12.0 | |
| gnu | glibc | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| mcafee | web_gateway | * | |
| mcafee | web_gateway | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*",
"matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A62C9FF6-525F-4706-908C-1081B51AA464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C462C17E-DEB3-4E28-9D3E-FEE97907EC14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_long_life:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CC2D9E-C769-4810-99DD-540614627FFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openstack:cloud_magnum_orchestration:7:*:*:*:*:*:*:*",
"matchCriteriaId": "B27A3E24-7BC2-4EA9-BFAD-987C2CDEF8DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4A24B121-952E-44CD-92CB-3D66E00DD38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_point_of_sale:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "51E07D0D-67A6-4DDE-BE4E-959DE0A3314F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "3F8CE3BD-993B-407F-BAEC-A070F6B46E6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_for_sap:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E901D2F9-B4EA-420A-B1DA-4CD5B0A021CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*",
"matchCriteriaId": "0651347C-AE16-4155-98EF-A0A2C63A37A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F84B2729-7B52-4505-9656-1BD31B980705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "32C12523-2500-44D0-97EE-E740BD3E61B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server_for_raspberry_pi:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4605D055-EA6E-4C90-9277-AC067E1BD02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "51FA1B64-D002-41CC-908F-3798122ACD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "484E3B41-F560-47A7-9C4C-C0DAF3510818",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3B907D-79AF-44AC-BD23-C369CD6AE173",
"versionEndIncluding": "2.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AE5831-D666-4D79-9B37-87A969F9127D",
"versionEndIncluding": "7.6.2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C7DAE9-3B9A-4062-BB77-683318A739F6",
"versionEndIncluding": "7.7.2.2",
"versionStartIncluding": "7.7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier."
},
{
"lang": "es",
"value": "Glibc contiene una vulnerabilidad que permite que los valores LD_LIBRARY_PATH especialmente creados para manipular la regi\u00f3n heap/stack de la memoria, generando entonces un alias, lo que podr\u00eda conllevar a la ejecuci\u00f3n del c\u00f3digo arbitrario. Tenga en cuenta que se han realizado cambios de refuerzo adicionales en glibc para evitar la manipulaci\u00f3n del stack y heap de la memoria de almacenamiento din\u00e1mico, pero estos problemas no se pueden explotar directamente, por lo que no se les ha otorgado un CVE. Esto impacta a glibc versi\u00f3n 2.25 y anteriores."
}
],
"id": "CVE-2017-1000366",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-19T16:29:00.310",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2017-1000366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42274/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42275/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42276/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/security/cve/CVE-2017-1000366/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.suse.com/support/kb/doc/?id=7020973"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-24 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0016.html | ||
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0092.html | Vendor Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-2023.html | Vendor Advisory | |
| secalert@redhat.com | http://seclists.org/oss-sec/2014/q4/730 | ||
| secalert@redhat.com | http://secunia.com/advisories/62100 | ||
| secalert@redhat.com | http://secunia.com/advisories/62146 | ||
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3142 | Vendor Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/71216 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2432-1 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/98852 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17625 | ||
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c | ||
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0016.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0092.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-2023.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2014/q4/730 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62100 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62146 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3142 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71216 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2432-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/98852 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17625 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| debian | debian_linux | 7.0 | |
| gnu | glibc | 2.21 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "47C2E388-06A8-4AD0-9511-749FD10D2936",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing \"$((`...`))\"."
},
{
"lang": "es",
"value": "La funci\u00f3n wordexp en GNU C Library (tambi\u00e9n conocido como glibc) 2.21 no fuerza el indicador WRDE_NOCMD, lo que permite a atacantes dependientes de contexto ejecutar comandos arbitrarios, tal y como fue demostrado por entradas que contienen \u0027$((`...`))\u0027."
}
],
"id": "CVE-2014-7817",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-24T15:59:01.637",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-2023.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/oss-sec/2014/q4/730"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/62100"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/62146"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/71216"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98852"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17625"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-2023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2014/q4/730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-10 02:55
Modified
2025-04-11 00:51
Severity ?
Summary
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/14/16 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=12625 | Issue Tracking | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | Broken Link | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 | Broken Link | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1526.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/46740 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/10 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/11 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/04/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/05/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/9 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/16 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/14/7 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/15/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/22/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/31/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/04/01/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=12625 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1526.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/46740 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=688980 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C95B740-039D-40BB-BC5B-8D6790E90607",
"versionEndIncluding": "2.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296."
},
{
"lang": "es",
"value": "La funci\u00f3n addmntent en la biblioteca C de GNU (tambi\u00e9n conocida como glibc o libc6) v2.13 y anteriores no informa de un estado de error de intentos fallidos al escribir en el fichero /etc/mtab, haciendo m\u00e1s f\u00e1cil para los usuarios locales provocar la corrupci\u00f3n de este archivo, como lo demuestra escribiendo desde un proceso con un valor RLIMIT_FSIZE peque\u00f1o, una vulnerabilidad diferente de CVE-2010-0296."
}
],
"id": "CVE-2011-1089",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-10T02:55:01.367",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/46740"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/46740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-02 14:29
Modified
2024-11-21 04:10
Severity ?
Summary
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22774 | Issue Tracking, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22774 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1DF595-8862-4F72-A0DF-D5651BA07F65",
"versionEndIncluding": "2.26",
"versionStartIncluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption."
},
{
"lang": "es",
"value": "La implementaci\u00f3n malloc en GNU C Library (tambi\u00e9n conocida como glibc o libc6), desde la versi\u00f3n 2.24 hasta la 2.26 en powerpc y solo en la versi\u00f3n 2.26 en i386, no gestionaba correctamente las llamadas malloc con argumentos cercanos a SIZE_MAX y podr\u00eda devolver un puntero a una regi\u00f3n de la memoria din\u00e1mica (heap) que es m\u00e1s peque\u00f1a que la solicitada, provocando al final una corrupci\u00f3n de heap."
}
],
"id": "CVE-2018-6551",
"lastModified": "2024-11-21T04:10:53.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-02T14:29:01.590",
"references": [
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8e448310d74b283c5cd02b9ed7fb997b47bf9b22"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-27 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/99324 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-3239-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-3239-2 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1249603 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201706-19 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/attachment.cgi?id=8492 | Patch | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18784 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5 | ||
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html | Release Notes, Third Party Advisory | |
| secalert@redhat.com | https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99324 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3239-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3239-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1249603 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-19 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/attachment.cgi?id=8492 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18784 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8BEA2E-918A-44DB-96A6-101EB3132AC4",
"versionEndIncluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash)."
},
{
"lang": "es",
"value": "La funci\u00f3n res_query de libresolv en glibc anterior a la versi\u00f3n 2.25 permite a un atacante remoto provocar una denegaci\u00f3n de servicio (desreferencia a NULL pointer y ca\u00edda del proceso)"
}
],
"id": "CVE-2015-5180",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-27T20:29:00.527",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99324"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3239-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3239-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249603"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=8492"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18784"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3239-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3239-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=8492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.gentoo.org/show_bug.cgi?id=59526 | ||
| cve@mitre.org | http://secunia.com/advisories/12306 | Patch | |
| cve@mitre.org | http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-256.html | Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-261.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/10963 | Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17006 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=59526 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/12306 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-256.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-261.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10963 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17006 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program."
}
],
"id": "CVE-2004-1453",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=59526"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/12306"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-256.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10963"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17006"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=59526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/12306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-256.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-18 17:15
Modified
2025-06-24 17:31
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
Summary
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-4527 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2234712 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/09/25/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-4527 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2234712 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/ | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20231116-0012/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | * | |
| gnu | glibc | * | |
| redhat | codeready_linux_builder_eus | 9.2 | |
| redhat | codeready_linux_builder_eus_for_power_little_endian | 9.0_ppc64le | |
| redhat | codeready_linux_builder_eus_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | codeready_linux_builder_for_arm64 | 9.0_aarch64 | |
| redhat | codeready_linux_builder_for_arm64_eus | 9.2_aarch64 | |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.0_s390x | |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.2_s390x | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.8 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_for_arm_64 | 9.0_aarch64 | |
| redhat | enterprise_linux_for_arm_64_eus | 9.2_aarch64 | |
| redhat | enterprise_linux_for_ibm_z_systems | 8.0_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 8.8_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus_s390x | 9.2 | |
| redhat | enterprise_linux_for_ibm_z_systems_s390x | 9.2 | |
| redhat | enterprise_linux_for_power_little_endian | 8.0_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian | 9.2_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 8.8_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.2_ppc64le | |
| redhat | enterprise_linux_tus | 8.8 | |
| fedoraproject | fedora | 37 | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD456DFF-B4FE-40B0-817B-051BB99C4355",
"versionEndExcluding": "2.36.113",
"versionStartIncluding": "2.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8328198-CA66-4924-A20C-162F81FAE62D",
"versionEndExcluding": "2.37.38",
"versionStartIncluding": "2.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3075FA-643C-46C8-9CB0-8E904D6DF012",
"versionEndExcluding": "2.38.19",
"versionStartIncluding": "2.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "936B046D-ADEB-4701-8957-AC28CFA9C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "98638583-9933-42F2-964E-7F8E7CF36918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "056DABF5-0C1D-4EBA-B02B-443BACB20D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "910C9542-26FC-4635-9351-128727971830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "09AAD850-019A-46B8-A5A1-845DE048D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3C5EAE-267F-410F-8AFA-8F5B68A9E617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "86034E5B-BCDD-4AFD-A460-38E790F608F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "9A879F9F-F087-45D4-BD65-2990276477D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "22C65F53-D624-48A9-A9B7-4C78A31E19F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1F902F-1AD5-489F-B420-A3574D1880B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEAC443B-622E-49FB-8C0F-2864B7EF5F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "ED521457-498F-4E43-B714-9A3F2C3CD09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "F91F9255-4EE1-43C7-8831-D2B6C228BFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "22D28543-C7C5-46B0-B909-20435AF7A501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en glibc. Cuando se llama a la funci\u00f3n getaddrinfo con la familia de direcciones AF_UNSPEC y el sistema est\u00e1 configurado con el modo no-aaaa a trav\u00e9s de /etc/resolv.conf, una respuesta DNS a trav\u00e9s de TCP de m\u00e1s de 2048 bytes puede potencialmente revelar el contenido de la pila de memoria a trav\u00e9s de los datos de la direcci\u00f3n devuelta por la funci\u00f3n, y puede provocar un crash."
}
],
"id": "CVE-2023-4527",
"lastModified": "2025-06-24T17:31:20.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-18T17:15:55.067",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4527"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231116-0012/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2025-04-11 00:51
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1097.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1185.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1589-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/attachment.cgi?id=594722 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=826943 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1097.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1185.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1589-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/attachment.cgi?id=594722 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=826943 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.12 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 5 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not \"properly restrict the use of\" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en GNU C Library (tambi\u00e9n conocido como glibc) 2.5, 2.12 y probablemente otras versiones no \"restringe debidamente el uso de\" la funci\u00f3n alloca cuando asigna el array SPECS, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena de formato manipulada mediante el uso de par\u00e1metros posicionales y un gran n\u00famero de especificadores de formato, una vulnerabilidad diferente a CVE-2012-3404 y CVE-2012-3405."
}
],
"id": "CVE-2012-3406",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.120",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1097.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1185.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=594722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-10 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/102073 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/88440 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://source.android.com/security/bulletin/2017-12-01 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=20010 | Issue Tracking | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102073 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/88440 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2017-12-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=20010 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A31C63-7581-4835-A2B9-08B11678BF02",
"versionEndExcluding": "2.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458."
},
{
"lang": "es",
"value": "Desbordamiento del buffer basado en pila en la funci\u00f3n getaddrinfo en sysdeps/posix/getaddrinfo.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores relacionados con la conversi\u00f3n hostent. NOTA: esta vulnerabilidad existe debido a una reparaci\u00f3n incompleta de CVE-2013-4458."
}
],
"id": "CVE-2016-3706",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T15:59:03.360",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/88440"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20010"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/88440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-22 18:15
Modified
2025-05-01 18:10
Severity ?
Summary
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210827-0005/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=28011 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c | Broken Link | |
| cve@mitre.org | https://sourceware.org/glibc/wiki/Security%20Exceptions | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210827-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28011 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/glibc/wiki/Security%20Exceptions | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | active_iq_unified_manager | - | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | hci_management_node | - | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | solidfire | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580654C1-5047-40F4-9518-2AACF59AC357",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations."
},
{
"lang": "es",
"value": "La funci\u00f3n wordexp de la biblioteca GNU C (tambi\u00e9n se conoce como glibc) versiones hasta 2.33, puede bloquearse o leer memoria arbitraria en la funci\u00f3n parse_param (en el archivo posix/wordexp.c) cuando se llama con un patr\u00f3n dise\u00f1ado que no es confiable, resultando en una denegaci\u00f3n de servicio o divulgaci\u00f3n de informaci\u00f3n. Esto ocurre porque atoi fue usado pero deber\u00eda haber sido usado strtoul para asegurar c\u00e1lculos correctos"
}
],
"id": "CVE-2021-35942",
"lastModified": "2025-05-01T18:10:02.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-22T18:15:23.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0005/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://sourceware.org/glibc/wiki/Security%20Exceptions"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210827-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://sourceware.org/glibc/wiki/Security%20Exceptions"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=93760201002154&w=2 | ||
| cve@mitre.org | http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt | ||
| cve@mitre.org | http://www.debian.org/security/2000/20000902 | ||
| cve@mitre.org | http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3 | ||
| cve@mitre.org | http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2000-057.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/79537 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1639 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/648 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5173 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=93760201002154&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2000/20000902 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2000-057.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/79537 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1639 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/648 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5173 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH."
}
],
"id": "CVE-2000-0824",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=93760201002154\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/79537"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1639"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/648"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=93760201002154\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/79537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5173"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-10 20:29
Modified
2024-11-21 00:02
Severity ?
Summary
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/107871 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=661 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://support.f5.com/csp/article/K12740406 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107871 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=661 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K12740406 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E8B01F-0D99-40B5-89C9-755444BA5177",
"versionEndExcluding": "2.3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory."
},
{
"lang": "es",
"value": "La funci\u00f3n getgrouplist en la librer\u00eda GNU C (glibc) anterior a la versi\u00f3n 2.3.5, cuando se invoca con un argumento cero, escribe en el puntero pasado incluso si el tama\u00f1o de la matriz especificada es cero, lo que lleva a un desbordamiento del b\u00fafer y potencialmente permite a los atacantes corromper la memoria"
}
],
"id": "CVE-2005-3590",
"lastModified": "2024-11-21T00:02:15.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-10T20:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/107871"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=661"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/csp/article/K12740406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/107871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K12740406"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-12 13:29
Modified
2025-04-20 01:37
Severity ?
Summary
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/99071 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/14 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Sep/7 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=16695 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99071 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=16695 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8",
"versionEndIncluding": "2.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd."
},
{
"lang": "es",
"value": "nscd en la biblioteca C de GNU (tambi\u00e9n conocido como glibc o libc6), versiones anteriores a la 2.20 ,no calcula correctamente el tama\u00f1o de un buffer interno al procesar solicitudes netgroup, posibilitando la ca\u00edda del demonio nscd o permitiendo la ejecuci\u00f3n de c\u00f3digo como usuario que ejecuta nscd."
}
],
"id": "CVE-2014-9984",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-12T13:29:00.183",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/99071"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/99071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-21 19:29
Modified
2024-11-21 02:44
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/106672 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2118 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3513 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1347549 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=20018 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106672 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2118 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3513 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1347549 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=20018 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60C9E29-AEFB-4A10-9E1C-1DC3C68FF0B8",
"versionEndIncluding": "2.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings."
},
{
"lang": "es",
"value": "En la biblioteca GNU C Library (tambi\u00e9n conocida como glibc o libc6) hasta la versi\u00f3n 2.28, la funci\u00f3n getaddrinfo analiza exitosamente una cadena que contiene una direcci\u00f3n IPv4 seguida por un espacio en blanco y caracteres arbitrarios. Esto podr\u00eda provocar que las aplicaciones asuman incorrectamente que han analizado una cadena v\u00e1lida, sin contemplar la posibilidad de que haya cabeceras HTTP embebidas u otras subcadenas potencialmente maliciosas."
}
],
"id": "CVE-2016-10739",
"lastModified": "2024-11-21T02:44:38.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-21T19:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106672"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2118"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:3513"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20018"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-03 02:29
Modified
2024-11-21 04:47
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/106835 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.gentoo.org/glsa/202006-04 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=24155 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106835 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=24155 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html | Mailing List, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "90936868-EB88-41E3-A01D-D5F469CE46C3",
"versionEndIncluding": "2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled."
},
{
"lang": "es",
"value": "En GNU C Library (tambi\u00e9n conocido como glibc o libc6), hasta la versi\u00f3n 2.29, la funci\u00f3n memcmp para la arquitectura x32 puede devolver cero (indicando que las entradas son iguales) de manera incorrecta debido a que el bit de RDX m\u00e1s significativo se gestiona incorrectamente."
}
],
"id": "CVE-2019-7309",
"lastModified": "2024-11-21T04:47:58.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-03T02:29:00.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106835"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-18 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html | Third Party Advisory | |
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=145596041017029&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=145672440608228&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=145690841819314&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=145857691004892&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=bugtraq&m=146161017210491&w=2 | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0175.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0176.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0225.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-0277.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2022/Jun/36 | ||
| secalert@redhat.com | http://support.citrix.com/article/CTX206991 | ||
| secalert@redhat.com | http://ubuntu.com/usn/usn-2900-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3481 | Third Party Advisory | |
| secalert@redhat.com | http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow | ||
| secalert@redhat.com | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | Patch, Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/83265 | ||
| secalert@redhat.com | http://www.securitytracker.com/id/1035020 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2016-0002.html | ||
| secalert@redhat.com | https://access.redhat.com/articles/2161461 | Third Party Advisory | |
| secalert@redhat.com | https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/ | Third Party Advisory | |
| secalert@redhat.com | https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/ | Third Party Advisory | |
| secalert@redhat.com | https://bto.bluecoat.com/security-advisory/sa114 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1293532 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858 | Third Party Advisory | |
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917 | ||
| secalert@redhat.com | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | ||
| secalert@redhat.com | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | ||
| secalert@redhat.com | https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01 | ||
| secalert@redhat.com | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161 | Third Party Advisory | |
| secalert@redhat.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10150 | Third Party Advisory | |
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20160217-0002/ | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18665 | Issue Tracking | |
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html | Mailing List, Vendor Advisory | |
| secalert@redhat.com | https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html | Third Party Advisory | |
| secalert@redhat.com | https://support.lenovo.com/us/en/product_security/len_5450 | ||
| secalert@redhat.com | https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17 | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/39454/ | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/40339/ | ||
| secalert@redhat.com | https://www.kb.cert.org/vuls/id/457759 | ||
| secalert@redhat.com | https://www.tenable.com/security/research/tra-2017-08 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=145596041017029&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=145672440608228&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=145690841819314&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=145857691004892&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=146161017210491&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0175.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0176.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0225.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-0277.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2022/Jun/36 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.citrix.com/article/CTX206991 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://ubuntu.com/usn/usn-2900-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3481 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/83265 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035020 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2016-0002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/articles/2161461 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bto.bluecoat.com/security-advisory/sa114 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1293532 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10150 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20160217-0002/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18665 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.lenovo.com/us/en/product_security/len_5450 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/39454/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/40339/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/457759 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2017-08 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| hp | helion_openstack | 1.1.1 | |
| hp | helion_openstack | 2.0.0 | |
| hp | helion_openstack | 2.1.0 | |
| hp | server_migration_pack | 7.5 | |
| sophos | unified_threat_management_software | 9.319 | |
| sophos | unified_threat_management_software | 9.355 | |
| suse | linux_enterprise_debuginfo | 11.0 | |
| suse | linux_enterprise_debuginfo | 11.0 | |
| suse | linux_enterprise_debuginfo | 11.0 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 11.0 | |
| suse | linux_enterprise_desktop | 11.0 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11.0 | |
| suse | linux_enterprise_software_development_kit | 11.0 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| oracle | exalogic_infrastructure | 1.0 | |
| oracle | exalogic_infrastructure | 2.0 | |
| f5 | big-ip_access_policy_manager | 12.0.0 | |
| f5 | big-ip_advanced_firewall_manager | 12.0.0 | |
| f5 | big-ip_analytics | 12.0.0 | |
| f5 | big-ip_application_acceleration_manager | 12.0.0 | |
| f5 | big-ip_application_security_manager | 12.0.0 | |
| f5 | big-ip_domain_name_system | 12.0.0 | |
| f5 | big-ip_link_controller | 12.0.0 | |
| f5 | big-ip_local_traffic_manager | 12.0.0 | |
| f5 | big-ip_policy_enforcement_manager | 12.0.0 | |
| oracle | fujitsu_m10_firmware | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.2 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.2 | |
| redhat | enterprise_linux_server_eus | 7.2 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 | |
| gnu | glibc | 2.18 | |
| gnu | glibc | 2.19 | |
| gnu | glibc | 2.20 | |
| gnu | glibc | 2.21 | |
| gnu | glibc | 2.22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:helion_openstack:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "598E9A70-D953-48F6-96AF-885532C6BA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D566AF-D1DE-4EAD-B881-DC40D1DE780C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81BED703-422A-4937-8BF0-F83C248188F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:server_migration_pack:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "01FB206E-013D-4BF8-999A-80ACEA611549",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.319:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7ABF3B-513A-41E3-9640-7D5339B8235D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.355:*:*:*:*:*:*:*",
"matchCriteriaId": "F7599118-C33F-4BEF-BDD5-280FF9F61124",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "1FADFCB2-7D70-4778-9199-516E667177C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "174A8501-CFE4-430E-BB1F-DDF89F94A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "480C8C21-8DA3-4EF2-8BCF-7CED031A3B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "1F33821F-22ED-4B6A-B70B-D38EDA658EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "10F15C47-008C-4FFC-980B-A14E176C1F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:*:*:lts:*:*:*",
"matchCriteriaId": "380DDE38-767C-455A-8474-29BF32D66D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "01E21741-9D7D-42DD-B70D-5FD3053DE780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "FD3677E0-7423-452A-8C1E-A20C5CC34CA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D5BAC17C-EF31-4E94-9020-47B781AD94B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "ACC73EF8-7AD9-4113-9E3F-C93AF818CEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "51FA1B64-D002-41CC-908F-3798122ACD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D70580AD-2134-49D3-BE15-020023A10E87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B62FEC0-EE22-46E6-B811-8AB0EE4C3E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "532AAF54-64EF-4852-B4F1-D5E660463704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EDB8E9-E6FB-406E-B1D3-C620F114804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA2FA6B-3930-432F-8FB5-E73604CEFE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62B0A70A-D101-443E-A543-5EC35E23D66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "524B2D05-508C-47FF-94A0-6CC42060E638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E90C12AF-44BA-44A2-89ED-0C2497EEC8A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44F1E5E0-BD63-4A4A-BC4E-A1D5495F8B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF9627-E561-4CF7-A685-6E33D2F6C98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:fujitsu_m10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3861055-D7FB-4C07-BE61-6879D3638B07",
"versionEndIncluding": "2290",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A901D6-0874-46A4-92A8-5F72C7A89E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5491CD-F3D6-4B09-AE44-62285F6B462A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "1829B291-7B55-4B4A-9CA4-8784932935B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D625EEF2-DB23-4DFE-AF1C-BEE2DD38C54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "47C2E388-06A8-4AD0-9511-749FD10D2936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB1928D-6A44-4B2D-A9BB-4656AF47317B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer basado en pila en las funciones (1) send_dg y (2) send_vc en la librer\u00eda libresolv en la librer\u00eda GNU C (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una respuesta DNS manipulada que desencadenan una llamada a la funci\u00f3n getaddrinfo con la familia de direcciones AF_UNSPEC o AF_INET6, en relaci\u00f3n con la ejecuci\u00f3n de \"consultas duales A/AAAA DNS\" y el m\u00f3dulo libnss_dns.so.2 NSS."
}
],
"id": "CVE-2015-7547",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-18T21:59:00.120",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=145596041017029\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=145672440608228\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=145690841819314\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=145857691004892\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=146161017210491\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0175.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0225.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0277.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"source": "secalert@redhat.com",
"url": "http://support.citrix.com/article/CTX206991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://ubuntu.com/usn/usn-2900-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "secalert@redhat.com",
"url": "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"source": "secalert@redhat.com",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/83265"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1035020"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/2161461"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa114"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532"
},
{
"source": "secalert@redhat.com",
"url": "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "secalert@redhat.com",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "secalert@redhat.com",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10150"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"url": "https://security.netapp.com/advisory/ntap-20160217-0002/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18665"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html"
},
{
"source": "secalert@redhat.com",
"url": "https://support.lenovo.com/us/en/product_security/len_5450"
},
{
"source": "secalert@redhat.com",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/39454/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/40339/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.kb.cert.org/vuls/id/457759"
},
{
"source": "secalert@redhat.com",
"url": "https://www.tenable.com/security/research/tra-2017-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=145596041017029\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=145672440608228\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=145690841819314\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=145857691004892\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=146161017210491\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0225.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0277.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2022/Jun/36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX206991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://ubuntu.com/usn/usn-2900-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/83265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/articles/2161461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20160217-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.lenovo.com/us/en/product_security/len_5450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/39454/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40339/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/457759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/research/tra-2017-08"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-02 14:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0393.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0397.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0488.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0531.html | ||
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e | ||
| secalert@redhat.com | http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html | Exploit | |
| secalert@redhat.com | http://www.phrack.org/issues.html?issue=67&id=9#article | Exploit | |
| secalert@redhat.com | http://www.securityfocus.com/bid/52201 | Exploit | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=794766 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0393.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0397.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0488.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0531.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.phrack.org/issues.html?issue=67&id=9#article | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52201 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=794766 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n vfprint en stdio-common/vfprint.c en glibc v2.14 y otras versiones que permite a isiarios dependientes del contexto eludir el mecanismo de protecci\u00f3n FORTIFY_SOURCE, llevar a cabo ataques de cadena de formato y escribir de forma arbitraria en memoria a trav\u00e9s de un gran n\u00famero de argumentos."
}
],
"id": "CVE-2012-0864",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-02T14:55:05.127",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0393.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0397.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.phrack.org/issues.html?issue=67\u0026id=9#article"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/52201"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0393.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0397.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=7c1f4834d398163d1ac8101e35e9c36fc3176e6e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/ml/libc-alpha/2012-02/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.phrack.org/issues.html?issue=67\u0026id=9#article"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/52201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794766"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-20 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html | Exploit | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/81469 | ||
| secalert@redhat.com | http://www.securitytracker.com/id/1034811 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/81469 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034811 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18928 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E32895-9C7B-4DE8-9BB5-0177406EB761",
"versionEndIncluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable."
},
{
"lang": "es",
"value": "La funci\u00f3n process_envvars en elf/rtld.c en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permite a usuarios locales eludir un mecanismo de protecci\u00f3n de puntero a trav\u00e9s de un valor cero de la variable de entorno LD_POINTER_GUARD."
}
],
"id": "CVE-2015-8777",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-20T05:59:01.237",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/81469"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1034811"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/81469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18928"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-19 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3481 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/19/11 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/82244 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17905 | ||
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3481 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/19/11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/20/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/82244 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17905 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 8.0 | |
| gnu | glibc | * | |
| fedoraproject | fedora | 23 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E32895-9C7B-4DE8-9BB5-0177406EB761",
"versionEndIncluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en la funci\u00f3n catopen en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un nombre de cat\u00e1logo largo."
}
],
"id": "CVE-2015-8779",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-19T21:59:05.990",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/82244"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/82244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-12 16:15
Modified
2025-05-30 19:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210909-0005/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=28213 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641 | ||
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8 | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210909-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28213 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 35 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | 22.1.0 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.1.2 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.2.0 | |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | 22.1.1 | |
| oracle | communications_cloud_native_core_unified_data_repository | 22.2.0 | |
| oracle | enterprise_operations_monitor | 4.3 | |
| oracle | enterprise_operations_monitor | 4.4 | |
| oracle | enterprise_operations_monitor | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED46EB04-73DF-41D7-9E54-A50570DF766B",
"versionEndIncluding": "2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A264E0DE-209D-49B1-8B26-51AB8BBC97F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5453265-3BE1-4AF0-BE50-13C2EF67F49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93E0B297-A319-4961-976C-7DDA5A0B9353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF7DD-4D5D-410B-840F-99A8D7DEE4A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix."
},
{
"lang": "es",
"value": "En librt en la Biblioteca C de GNU (tambi\u00e9n se conoce como glibc) versiones hasta 2.34, el archivo sysdeps/unix/sysv/linux/mq_notify.c, maneja inapropiadamente determinados datos NOTIFY_REMOVED, conllevando una desreferencia de puntero NULL. NOTA: esta vulnerabilidad se introdujo como efecto secundario de la correcci\u00f3n de CVE-2021-33574"
}
],
"id": "CVE-2021-38604",
"lastModified": "2025-05-30T19:15:26.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-08-12T16:15:10.600",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210909-0005/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210909-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-30 17:15
Modified
2024-11-21 05:11
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| secalert@redhat.com | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20200511-0005/ | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=25414 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c | ||
| secalert@redhat.com | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200511-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=25414 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| netapp | active_iq_unified_manager | * | |
| netapp | hci_management_node | - | |
| netapp | solidfire | - | |
| netapp | steelstore_cloud_integrated_storage | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67E08705-E559-47C1-BA84-D9F88FFE9EBB",
"versionEndExcluding": "2.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32."
},
{
"lang": "es",
"value": "Una vulnerabilidad de uso de la memoria previamente liberada introducida en glibc versiones anteriores a la versi\u00f3n 2.14, se descubri\u00f3 en la manera en que se llev\u00f3 a cabo la expansi\u00f3n de tilde. Las rutas de directorios que conten\u00edan una tilde inicial seguida de un nombre de usuario v\u00e1lido estaban afectadas por este problema. Un atacante local podr\u00eda explotar este fallo creando una ruta especialmente dise\u00f1ada que, al ser procesada por la funci\u00f3n glob, podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitraria. Esto fue corregido en la versi\u00f3n 2.32."
}
],
"id": "CVE-2020-1752",
"lastModified": "2024-11-21T05:11:18.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-30T17:15:13.067",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200511-0005/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200511-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-24 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | Third Party Advisory | |
| cve@mitre.org | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0863.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/01/28/20 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/72844 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2519-1 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2016:1207 | Third Party Advisory | |
| cve@mitre.org | https://github.com/golang/go/issues/6336 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=15946 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0863.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/01/28/20 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72844 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2519-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2016:1207 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/golang/go/issues/6336 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=15946 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_server_aus | 6.5 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8768EA17-45CA-4B47-B9E6-D58D11C45B56",
"versionEndExcluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function."
},
{
"lang": "es",
"value": "La funci\u00f3n send_dg en resolv/res_send.c en GNU C Library (tambi\u00e9n conocido como glibc o libc6) en versiones anteriores a 2.20 no reutiliza adecuadamente descriptores de fichero, lo que permite a atacantes remotos mandar consultas DNS a ubicaciones no intencionadas a trav\u00e9s de un gran n\u00famero de peticiones que desencadenan una llamada a la funci\u00f3n getaddrinfo."
}
],
"id": "CVE-2013-7423",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-24T15:59:00.050",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/20"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72844"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1207"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/6336"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/28/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/6336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15946"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2025-04-11 00:51
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1589-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=833704 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=13446 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1589-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=833704 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=13446 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.14 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers \"desynchronization within the buffer size handling,\" a different vulnerability than CVE-2012-3404."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (tambi\u00e9n conocido como glibc) 2.14 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n y ca\u00edda) a trav\u00e9s de una cadena de formato con un gran n\u00famero de especificadores de formato que provoca \"desincronizaci\u00f3n dentro del manejo del tama\u00f1o de buffer,\" una vulnerabilidad deferente a CVE-2012-3404."
}
],
"id": "CVE-2012-3405",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.073",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13446"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-05 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0016.html | ||
| secalert@redhat.com | http://secunia.com/advisories/62100 | ||
| secalert@redhat.com | http://secunia.com/advisories/62146 | ||
| secalert@redhat.com | http://ubuntu.com/usn/usn-2432-1 | Patch, Vendor Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3142 | Vendor Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/08/29/3 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/09/02/1 | Exploit | |
| secalert@redhat.com | http://www.securityfocus.com/bid/69472 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17325 | Exploit | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0016.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62100 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/62146 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://ubuntu.com/usn/usn-2432-1 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3142 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/08/29/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/09/02/1 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69472 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17325 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 | |
| gnu | glibc | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8",
"versionEndIncluding": "2.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5491CD-F3D6-4B09-AE44-62285F6B462A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of \"0xffff\" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8."
},
{
"lang": "es",
"value": "GNU C Library (tambi\u00e9n conocido como glibc) anterior a 2.20 permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda) a trav\u00e9s de un valor de caracteres de multibytes de \u00270xffff\u0027 en la funci\u00f3n iconv cuando convierte datos codificados de (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, o (5) IBM1364 a UTF-8."
}
],
"id": "CVE-2014-6040",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-05T16:59:09.910",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/62100"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/62146"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ubuntu.com/usn/usn-2432-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/69472"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2015-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/62146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://ubuntu.com/usn/usn-2432-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-06 13:15
Modified
2024-11-20 23:28
Severity ?
Summary
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz | Product, Vendor Advisory | |
| cve@mitre.org | https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40 | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.cee.studio/tdelete.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cee.studio/tdelete.html | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD603A8-4AD5-4805-AC8F-EB1F5FA9CD87",
"versionEndExcluding": "2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree\u0027s root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999."
},
{
"lang": "es",
"value": "En el archivo manual/search.texi en la Biblioteca GNU C (tambi\u00e9n se conoce como glibc) versiones anteriores a 2.2, carece de una declaraci\u00f3n sobre el valor de retorno tdelete no especificado al eliminar una ra\u00edz de un \u00e1rbol, lo que podr\u00eda permitir a atacantes acceder a un puntero colgado en una aplicaci\u00f3n cuyo desarrollador no estaba al tanto de un actualizaci\u00f3n de documentaci\u00f3n desde 1999"
}
],
"id": "CVE-1999-0199",
"lastModified": "2024-11-20T23:28:06.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-06T13:15:13.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.cee.studio/tdelete.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.cee.studio/tdelete.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-27 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | Mailing List | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Mailing List | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-0327.html | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/73038 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1165192 | Exploit, Issue Tracking | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0327.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/73038 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1165192 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_desktop | 11 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| suse | suse_linux_enterprise_server | 11.0 | |
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F4BC592E-17CC-4DD4-8B2C-CFD99383649C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "E7A8195F-8126-47B7-8664-CF1EBF194BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "7F622F0E-8D17-47E8-8F3C-A640C21544E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "103582CB-029E-4201-B391-897B49BE8DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "9252BDA9-EC9D-49C7-8276-B3099CA75E05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CAD5CA-C7C1-4567-8E5B-FCA4DA4D516D",
"versionEndIncluding": "2.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset."
},
{
"lang": "es",
"value": "DB_LOOKUP en nss_files/files-XXX.c en Name Service Switch (NSS) en GNU C Library (tambi\u00e9n conocida como glibc o libc6) 2.21 y versiones anteriores no comprueba correctamente si un archivo est\u00e1 abierto, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) realizando una b\u00fasqueda en una base de datos mientras itera sobre ella, lo que desencadena que el puntero al archivo sea reestablecido."
}
],
"id": "CVE-2014-8121",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-27T14:59:03.353",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0327.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73038"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0327.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-08 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2015/02/04/1 | ||
| cve@mitre.org | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/72499 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2519-1 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2015/02/04/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72499 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2519-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA913F6A-63A0-468F-A0E0-66748E337246",
"versionEndIncluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call."
},
{
"lang": "es",
"value": "El macro ADDW en stdio-common/vfscanf.c en la librar\u00eda GNU C (tambi\u00e9n conocida como glibc o libc6) anterior a 2.21 no considera correctamente el tama\u00f1o de tipos de datos durante una decisi\u00f3n de la gesti\u00f3n de riesgos para utilizar en la funci\u00f3n alloca, lo que podr\u00eda permitir atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (violaci\u00f3n de segmentaci\u00f3n) o sobrescribir localizaciones de memoria m\u00e1s all\u00e1 del l\u00edmite de la pila a trav\u00e9s de una l\u00ednea larga que contiene caracateres anchas que se manejen incorrectamente en una llamada wscanf."
}
],
"id": "CVE-2015-1473",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-08T10:59:03.627",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72499"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200410-19.xml | ||
| cve@mitre.org | http://www.debian.org/security/2005/dsa-636 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2004-586.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2005-261.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/11286 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.trustix.org/errata/2004/0050 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523 | ||
| cve@mitre.org | https://www.ubuntu.com/usn/usn-4-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200410-19.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2005/dsa-636 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2004-586.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2005-261.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11286 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2004/0050 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ubuntu.com/usn/usn-4-1/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.10 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files."
}
],
"id": "CVE-2004-0968",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200410-19.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-586.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11286"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-4-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200410-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-586.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-4-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-09 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=976408 | Patch | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=15755 | Patch | |
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=976408 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=15755 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| fedoraproject | fedora | 18 | |
| fedoraproject | fedora | 19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EA2A91-4CBF-4AF4-9776-BF9EFDA67CDF",
"versionEndIncluding": "2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system."
},
{
"lang": "es",
"value": "pt_chown en GNU C Library (tambi\u00e9n conocida como glibc o libc6) anterior a la versi\u00f3n 2.18 no comprueba adecuadamente los permisos para archivos tty, lo que permite a usuarios locales cambiar el permiso en los archivos y obtener acceso a pseudo-terminals arbitrarios mediante el aprovechamiento de un sistema de archivos FUSE."
}
],
"id": "CVE-2013-2207",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-09T22:55:02.633",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=976408"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15755"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=976408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/ml/libc-alpha/2013-08/msg00160.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-10-14 05:58
Modified
2025-04-11 00:51
Severity ?
Summary
Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/fulldisclosure/2010/Apr/399 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/08/25/8 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/08/31/6 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/08/31/7 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/09/02/2 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/09/02/3 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/09/02/4 | Mailing List | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2010/09/02/5 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2010/Apr/399 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/08/25/8 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/08/31/6 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/08/31/7 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/09/02/2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/09/02/3 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/09/02/4 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/09/02/5 | Mailing List |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B57CAA-FEDE-48A6-A22F-56CAEA79F200",
"versionEndExcluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations."
},
{
"lang": "es",
"value": "Algunos mecanismos run-time de protecci\u00f3n de memoria en la Librer\u00eda C de GNU (tambi\u00e9n conocido como glibc o libc6) print argv[0] y backtrace information, lo cual permite a atacantes dependientes del contexto obtener informaci\u00f3n sensible de procesos de memoria mediante la ejecuci\u00f3n de un programa incorrecto, como el demostrado por un programa setuid que contiene un error de desbordamiento de b\u00fafer basado en pila, relacionado con la funci\u00f3n __fortify_fail en debug/fortify_fail.c, y las implementaciones __stack_chk_fail (tambi\u00e9n conocida como stack protection) y __chk_fail (tambi\u00e9n conocida como FORTIFY_SOURCE)."
}
],
"id": "CVE-2010-3192",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-10-14T05:58:06.833",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2010/Apr/399"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2010/Apr/399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/25/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/08/31/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/02/5"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/85028 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1719 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5299 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/85028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1719 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5299 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack."
}
],
"id": "CVE-2000-0959",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/85028"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1719"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/85028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-19 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3481 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/19/11 | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/20/1 | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/83275 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18240 | Issue Tracking | |
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3481 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/19/11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/20/1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/83275 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18240 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 23 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| gnu | glibc | * | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E32895-9C7B-4DE8-9BB5-0177406EB761",
"versionEndIncluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:lts:*:*:*",
"matchCriteriaId": "BC5EDFD9-5402-4A4A-B9B1-377393BA0A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del argumento size a la funci\u00f3n the __hcreate_r, lo que desencandena el acceso fuera de rango a memoria din\u00e1mica."
}
],
"id": "CVE-2015-8778",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-19T21:59:04.990",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/83275"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/83275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-01 04:29
Modified
2024-11-21 03:04
Severity ?
Summary
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/oss-sec/2017/q4/385 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2019/06/27/7 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2019/06/28/1 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2019/06/28/2 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/43331/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2017/q4/385 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/06/27/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/06/28/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2019/06/28/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/43331/ | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
},
{
"lang": "es",
"value": "Una fuga de memoria en glibc 2.1.1 (publicado el 24 de mayo de 1999) puede ser alcanzada y amplificada mediante la variable de entorno LD_HWCAP_MASK. Hay que tener en cuenta que muchas versiones de glibc no son vulnerables a este problema si se corrigen con el parche para CVE-2017-1000366."
}
],
"id": "CVE-2017-1000408",
"lastModified": "2024-11-21T03:04:40.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-01T04:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/27/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/27/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43331/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-07 13:29
Modified
2025-04-20 01:37
Severity ?
Summary
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=21115 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491 | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | ||
| cve@mitre.org | https://www.securityfocus.com/bid/100679 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=21115 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/100679 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3B907D-79AF-44AC-BD23-C369CD6AE173",
"versionEndIncluding": "2.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso de memoria previamente liberada en la funci\u00f3n clntudp_call en sunrpc/clnt_udp.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6), en versiones anteriores a la 2.26, permite que atacantes remotos provoquen un impacto sin especificar mediante vectores relacionados con una ruta de error."
}
],
"id": "CVE-2017-12133",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-07T13:29:00.387",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.securityfocus.com/bid/100679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=d42eed4a044e5e10dfb885cf9891c2518a72a491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.securityfocus.com/bid/100679"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-10 02:55
Modified
2025-04-11 00:51
Severity ?
Summary
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugs.gentoo.org/show_bug.cgi?id=330923 | Exploit, Patch | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/08/21 | Exploit, Patch | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/08/22 | ||
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/03/08/8 | Exploit, Patch | |
| secalert@redhat.com | http://secunia.com/advisories/43830 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43976 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43989 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/46397 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201011-01.xml | Vendor Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1025286 | ||
| secalert@redhat.com | http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904 | Exploit | |
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=11904 | Exploit | |
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0412.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0413.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=625893 | Exploit, Patch | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.gentoo.org/show_bug.cgi?id=330923 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/21 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/22 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/8 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43830 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43976 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43989 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025286 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=11904 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0412.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0413.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=625893 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FC02B2-EEB1-40EA-ADE5-479ED3FC11A7",
"versionEndIncluding": "2.12.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function."
},
{
"lang": "es",
"value": "locale/programs/locale.c en la librer\u00eda C GNU (tambi\u00e9n conocido como glibc o libc6) anterior a v2.13 no formatea su salida, permitiendo a usuarios locales ganar privilegios mediante una variable de entorno localization manipulada, junto con un programa que ejecuta un script que usa la funci\u00f3n eval."
}
],
"id": "CVE-2011-1095",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-10T02:55:01.540",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330923"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/21"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/03/08/22"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/8"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43976"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025286"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11904"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625893"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=330923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/08/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-06 19:15
Modified
2024-11-21 07:37
Severity ?
4.6 (Medium) - CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/ | Patch | |
| cna@vuldb.com | https://sourceware.org/bugzilla/show_bug.cgi?id=29444 | Issue Tracking, Patch, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?ctiid.220246 | Permissions Required, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?id.220246 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/ | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=29444 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?ctiid.220246 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.220246 | Permissions Required, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B48FF055-2F2F-4884-9E28-6EBBC7BE66C9",
"versionEndExcluding": "2.38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It\u0027s basically trusted input or input that needs an actual security flaw to be compromised or controlled."
}
],
"id": "CVE-2023-0687",
"lastModified": "2024-11-21T07:37:37.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 2.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-06T19:15:10.260",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Patch"
],
"url": "https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/"
},
{
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29444"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.220246"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.220246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://patchwork.sourceware.org/project/glibc/patch/20230204114138.5436-1-leo%40yuriev.ru/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?ctiid.220246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.220246"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "cna@vuldb.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-08 15:17
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.debian.org/debian-security-announce/2011/msg00005.html | ||
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/02/01/3 | Patch | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/02/03/2 | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/43830 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43989 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/46397 | Vendor Advisory | |
| secalert@redhat.com | http://securitytracker.com/id?1025289 | ||
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0412.html | Vendor Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0413.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1009-2 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=667974 | Patch | |
| secalert@redhat.com | https://launchpad.net/bugs/701783 | ||
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.debian.org/debian-security-announce/2011/msg00005.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/02/01/3 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/02/03/2 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43830 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43989 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025289 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0412.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0413.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1009-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=667974 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/701783 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0C879A9A-EDC8-42DE-83A8-41541B7520B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BCD2CA-3D28-4C92-9EAF-951B5F443088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CECD221-9715-4ECD-88E5-3252EFCA784F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ruta (path) de b\u00fasqueda no confiable en el archivo elf/dl-object.c en ciertas versiones modificadas de la Biblioteca C de GNU (tambi\u00e9n se conoce como glibc o libc6), incluyendo glibc-2.5-49.el5_5.6 y glibc-2.12-1.7.el6_0.3 en Red Hat Enterprise Linux, permite a los usuarios locales alcanzar privilegios por medio de un dynamic shared object (DSO) dise\u00f1ado en un subdirectorio del directorio de trabajo actual durante la ejecuci\u00f3n de un programa (1) setuid o (2) setgid que tiene $ORIGIN en (a) RPATH o (b) RUNPATH dentro del propio programa o una biblioteca referenciada. NOTA: este problema se presenta debido a una soluci\u00f3n incorrecta de CVE-2010-3847."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \r\n\u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2011-0536",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-08T15:17:26.137",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.debian.org/debian-security-announce/2011/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/01/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/03/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46397"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025289"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1009-2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"source": "secalert@redhat.com",
"url": "https://launchpad.net/bugs/701783"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.debian.org/debian-security-announce/2011/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/01/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1009-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://launchpad.net/bugs/701783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-26 18:29
Modified
2024-11-21 04:51
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=24269 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=24269 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60F1CB2F-5B42-4134-8328-480F5F07932D",
"versionEndIncluding": "2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(|)(\\\\1\\\\1)*\u0027 in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern"
},
{
"lang": "es",
"value": "** EN DISPUTA ** EN GNU C Library (tambi\u00e9n conocido como glibc o libc6), hasta la versi\u00f3n 2.29, check_dst_limits_calc_pos_1 en posix/regexec.c tiene una recursi\u00f3n no controlada, tal y como queda demostrado con \"(|)(\\\\1\\\\1)*\" en grep. Este problema es diferente de CVE-2018-20796. NOTA: el mantenedor del software discute si esto es una vulnerabilidad debido a que el comportamiento solo ocurre con un patr\u00f3n manipulado."
}
],
"id": "CVE-2019-9192",
"lastModified": "2024-11-21T04:51:10.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-26T18:29:00.340",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-24 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/12/18/1 | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/71670 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2519-1 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17630 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/12/18/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/71670 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2519-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17630 | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA913F6A-63A0-468F-A0E0-66748E337246",
"versionEndIncluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process."
},
{
"lang": "es",
"value": "La implementaci\u00f3n nss_dns de getnetbyname en GNU C Library (tambi\u00e9n conocido como glibc) anterior a 2.21, cuando el backend DNS en la configuraci\u00f3n Name Service Switch est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) mediante el envi\u00f3 de una respuesta positiva mientras el nombre de una red est\u00e1 siendo procesada."
}
],
"id": "CVE-2014-9402",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-24T15:59:02.520",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/71670"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/12/18/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17630"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-31 14:29
Modified
2024-11-21 03:39
Severity ?
Summary
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/oss-sec/2018/q1/38 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/102525 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1040162 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0805 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| cve@mitre.org | https://usn.ubuntu.com/3534-1/ | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3536-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/43775/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/44889/ | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2018/q1/38 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102525 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040162 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3534-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3536-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/43775/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44889/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495E9424-0BBA-4820-B793-031DDAC80417",
"versionEndIncluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution."
},
{
"lang": "es",
"value": "En glibc 2.26 y anteriores existe una confusi\u00f3n en el uso de getcwd() por realpath(), que puede emplearse para escribir antes del b\u00fafer de destino. Esto conduce a un subdesbordamiento de b\u00fafer y a una potencial ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2018-1000001",
"lastModified": "2024-11-21T03:39:23.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-31T14:29:00.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2018/q1/38"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102525"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040162"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3534-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3536-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43775/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44889/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2018/q1/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3534-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3536-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43775/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44889/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-25 22:15
Modified
2024-11-21 06:09
Severity ?
Summary
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210629-0005/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=27896 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210629-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=27896 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1 | Issue Tracking |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.32 | |
| gnu | glibc | 2.33 | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| netapp | cloud_backup | - | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | solidfire_baseboard_management_controller_firmware | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "A96F6DE6-9BD2-416F-9C8D-88641D36D9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "1754FEE6-54B9-4367-BE30-D98FD3B32FF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F81EC3-4AB0-4CD7-B845-267C5974DE98",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact."
},
{
"lang": "es",
"value": "La funci\u00f3n mq_notify de la Biblioteca C de GNU (tambi\u00e9n conocida como glibc) versiones 2.32 y 2.33 tiene un use-after-free. Puede utilizar el objeto de atributos del hilo de notificaci\u00f3n (pasado a trav\u00e9s de su par\u00e1metro struct sigevent) despu\u00e9s de que haya sido liberado por el llamante, lo que lleva a una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente a otro impacto no especificado"
}
],
"id": "CVE-2021-33574",
"lastModified": "2024-11-21T06:09:07.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-25T22:15:10.410",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0005/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210629-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-09 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/08/12/8 | Patch | |
| secalert@redhat.com | http://www.securityfocus.com/bid/61729 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=995839 | Patch | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=14699 | Patch | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/08/12/8 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/61729 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=995839 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=14699 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDAD2B2-386E-4DEA-A20E-0C2197E12089",
"versionEndIncluding": "2.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image."
},
{
"lang": "es",
"value": "sysdeps/posix/readdir_r.c en GNU C Library (tambi\u00e9n conocido como glibc o libc6) 2.18 y anteriores permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (escritura fuera de l\u00edmites y cuelgue) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) NTFS o (2) una imagen CIFS manipulada."
}
],
"id": "CVE-2013-4237",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-09T22:55:02.650",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/12/8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/61729"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=995839"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14699"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/08/12/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=995839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026b76096f3"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-08 15:17
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://code.google.com/p/chromium/issues/detail?id=48733 | Exploit | |
| cve@mitre.org | http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html | Exploit | |
| cve@mitre.org | http://secunia.com/advisories/44353 | ||
| cve@mitre.org | http://secunia.com/advisories/46397 | ||
| cve@mitre.org | http://sourceware.org/bugzilla/show_bug.cgi?id=12583 | Exploit, Patch | |
| cve@mitre.org | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| cve@mitre.org | http://www.securitytracker.com/id?1025450 | ||
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=681054 | Exploit, Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/66819 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/chromium/issues/detail?id=48733 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/44353 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=12583 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1025450 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=681054 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/66819 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C95B740-039D-40BB-BC5B-8D6790E90607",
"versionEndIncluding": "2.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en posix/fnmatch.c en la biblioteca de C de GNU \r\n(tambi\u00e9n conocida como glibc o libc6) v2.13 y anteriores, permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio \r\n(bloqueo de la aplicaci\u00f3n) a trav\u00e9s de una cadena UTF8 larga que se utiliza en \r\nuna llamada fnmatch con un patr\u00f3n de argumento manipulado, un \r\nvulnerabilidad diferente de CVE-2011-1071."
}
],
"id": "CVE-2011-1659",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-08T15:17:28.540",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/44353"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"source": "cve@mitre.org",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1025450"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66819"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-03 18:15
Modified
2025-05-06 21:02
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHBA-2024:2413 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5454 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:5476 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2024:0033 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-4911 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2238352 | Issue Tracking, Patch | |
| secalert@redhat.com | https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt | Exploit, Third Party Advisory | |
| secalert@redhat.com | https://www.qualys.com/cve-2023-4911/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Oct/11 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/2 | Exploit, Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/3 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/05/1 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/13/11 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/14/3 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/14/5 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/14/6 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5453 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5454 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5455 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:5476 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2024:0033 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-4911 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2238352 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20231013-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2023/dsa-5514 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/cve-2023-4911/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 37 | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| redhat | codeready_linux_builder | 9.0 | |
| redhat | codeready_linux_builder_eus | 8.6 | |
| redhat | codeready_linux_builder_eus | 9.2 | |
| redhat | codeready_linux_builder_eus | 9.4 | |
| redhat | codeready_linux_builder_for_arm64 | 9.0_aarch64 | |
| redhat | codeready_linux_builder_for_arm64_eus | 8.6 | |
| redhat | codeready_linux_builder_for_arm64_eus | 9.2_aarch64 | |
| redhat | codeready_linux_builder_for_arm64_eus | 9.4_aarch64 | |
| redhat | codeready_linux_builder_for_ibm_z_systems | 9.0_s390x | |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 8.6 | |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.2_s390x | |
| redhat | codeready_linux_builder_for_ibm_z_systems_eus | 9.4_s390x | |
| redhat | codeready_linux_builder_for_power_little_endian | 9.0_ppc64le | |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 8.6 | |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | codeready_linux_builder_for_power_little_endian_eus | 9.4_ppc64le | |
| redhat | virtualization | 4.0 | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.6 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_eus | 9.4 | |
| redhat | enterprise_linux_for_arm_64 | 9.0_aarch64 | |
| redhat | enterprise_linux_for_arm_64_eus | 8.6_aarch64 | |
| redhat | enterprise_linux_for_arm_64_eus | 9.2_aarch64 | |
| redhat | enterprise_linux_for_arm_64_eus | 9.4_aarch64 | |
| redhat | enterprise_linux_for_ibm_z_systems | 9.0_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.2_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus | 9.4_s390x | |
| redhat | enterprise_linux_for_ibm_z_systems_eus_s390x | 8.6 | |
| redhat | enterprise_linux_for_power_big_endian_eus | 8.6_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian | 9.0_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.2_ppc64le | |
| redhat | enterprise_linux_for_power_little_endian_eus | 9.4_ppc64le | |
| redhat | enterprise_linux_server_aus | 8.6 | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_aus | 9.4 | |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.2_ppc64le | |
| redhat | enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions | 9.4_ppc64le | |
| redhat | enterprise_linux_server_tus | 8.6 | |
| canonical | ubuntu_linux | 22.04 | |
| canonical | ubuntu_linux | 23.04 | |
| debian | debian_linux | 11.0 | |
| debian | debian_linux | 12.0 | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | ontap_select_deploy_administration_utility | - |
{
"cisaActionDue": "2023-12-12",
"cisaExploitAdd": "2023-11-21",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "GNU C Library Buffer Overflow Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71609239-5262-473E-ACCE-18AE51AB184E",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABBAA9E-CCBA-480B-ABB5-454448D91262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE16CC2-C6B4-4B73-98A1-F28475A92F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "936B046D-ADEB-4701-8957-AC28CFA9C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2C4B0BD8-527F-4728-A64B-F8F06D5EDEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "910C9542-26FC-4635-9351-128727971830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1DF28D-0D84-4E40-8E46-BA0EFD371111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "09AAD850-019A-46B8-A5A1-845DE048D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "88F9EB73-1F19-4BD9-AB19-36F9F1A5156E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3C5EAE-267F-410F-8AFA-8F5B68A9E617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1A0CA2-2BBD-4A7A-B467-F456867D5EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "86034E5B-BCDD-4AFD-A460-38E790F608F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "35232613-B8B5-4F4D-A6CD-3823C6666534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3D7389-35C1-48C4-A9EC-2564842723C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "845B853C-8F99-4987-AA8E-76078CE6A977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "C2ED1251-245C-4390-8964-DDCAD54A8957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "03A1BB59-4BE6-4339-ABB7-C18B7D899FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "37B7CE5C-BFEA-4F96-9759-D511EF189059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "9A879F9F-F087-45D4-BD65-2990276477D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*",
"matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "FB056B47-1F45-4CE4-81F6-872F66C24C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "26041661-0280-4544-AA0A-BC28FCED4699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*",
"matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C0ED62-9DEE-437C-AC01-0173128259DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "A633E21A-EBAA-41C9-A009-A36BDC762464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*",
"matchCriteriaId": "3C30F155-DF7D-4195-92D9-A5B80407228D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E702D7-F8C0-49BF-9FFB-883017076E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un desbordamiento del b\u00fafer en el cargador din\u00e1mico ld.so de la librer\u00eda GNU C mientras se procesaba la variable de entorno GLIBC_TUNABLES. Este problema podr\u00eda permitir que un atacante local utilice variables de entorno GLIBC_TUNABLES manipuladas con fines malintencionados al iniciar archivos binarios con permiso SUID para ejecutar c\u00f3digo con privilegios elevados."
}
],
"id": "CVE-2023-4911",
"lastModified": "2025-05-06T21:02:34.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-10-03T18:15:10.463",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2024:2413"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5454"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5476"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0033"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4911"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/cve-2023-4911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/05/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/14/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:5476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231013-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://www.debian.org/security/2023/dsa-5514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/cve-2023-4911/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-15 04:15
Modified
2024-11-21 04:17
Severity ?
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| josh@bress.net | https://security-tracker.debian.org/tracker/CVE-2019-1010025 | ||
| josh@bress.net | https://sourceware.org/bugzilla/show_bug.cgi?id=22853 | Exploit, Issue Tracking, Third Party Advisory | |
| josh@bress.net | https://support.f5.com/csp/article/K06046097 | ||
| josh@bress.net | https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS | ||
| josh@bress.net | https://ubuntu.com/security/CVE-2019-1010025 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2019-1010025 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22853 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K06046097 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ubuntu.com/security/CVE-2019-1010025 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "josh@bress.net",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor\u0027s position is \"ASLR bypass itself is not a vulnerability."
},
{
"lang": "es",
"value": "** EN DISPUTA **La biblioteca Libc actual de GNU est\u00e1 afectada por: Omisi\u00f3n de Mitigaci\u00f3n. El impacto es: el atacante puede adivinar las direcciones heap del subproceso (hilo) pthread_created. El componente es: glibc.NOTA: la posici\u00f3n del proveedor es \"ASLR bypass en s\u00ed mismo no es una vulnerabilidad\"."
}
],
"id": "CVE-2019-1010025",
"lastModified": "2024-11-21T04:17:55.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-15T04:15:13.537",
"references": [
{
"source": "josh@bress.net",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
},
{
"source": "josh@bress.net",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"source": "josh@bress.net",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "josh@bress.net",
"url": "https://ubuntu.com/security/CVE-2019-1010025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/CVE-2019-1010025"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-14 07:15
Modified
2025-05-05 17:17
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22542 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22542 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | 22.1.0 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.1.2 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.2.0 | |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | 22.1.1 | |
| oracle | communications_cloud_native_core_unified_data_repository | 22.2.0 | |
| oracle | enterprise_operations_monitor | 4.3 | |
| oracle | enterprise_operations_monitor | 4.4 | |
| oracle | enterprise_operations_monitor | 5.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580654C1-5047-40F4-9518-2AACF59AC357",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A264E0DE-209D-49B1-8B26-51AB8BBC97F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5453265-3BE1-4AF0-BE50-13C2EF67F49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93E0B297-A319-4961-976C-7DDA5A0B9353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF7DD-4D5D-410B-840F-99A8D7DEE4A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution."
},
{
"lang": "es",
"value": "La funci\u00f3n de compatibilidad obsoleta clnt_create en el m\u00f3dulo sunrpc de la Biblioteca C de GNU (tambi\u00e9n se conoce como glibc) versiones hasta 2.34, copia su argumento de nombre de host en la pila sin comprobar su longitud, que puede resultar en un desbordamiento de b\u00fafer, resultando potencialmente en una denegaci\u00f3n de servicio o (si una aplicaci\u00f3n no est\u00e1 construida con un protector de pila habilitado) la ejecuci\u00f3n de c\u00f3digo arbitrario"
}
],
"id": "CVE-2022-23219",
"lastModified": "2025-05-05T17:17:55.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-14T07:15:08.867",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/1166 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1166 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "52D1DAE0-DB4D-475F-B11B-29AA3A00DB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93BB48F5-A635-402E-AE7F-B8AB90ED0C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FE281A-610F-42CA-B741-53F2D70A3F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results."
}
],
"id": "CVE-2000-0335",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1166"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-30 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/10 | Exploit | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/13 | Exploit, Patch | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/07/7 | Exploit | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/08/1 | Exploit, Patch | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/08/10 | Exploit, Patch | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/08/2 | Exploit, Patch | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/08/3 | Exploit, Patch | |
| cve@mitre.org | http://openwall.com/lists/oss-security/2011/03/08/7 | Exploit, Patch | |
| cve@mitre.org | http://reverse.lostrealm.com/protect/ldd.html | Exploit | |
| cve@mitre.org | http://www.catonmat.net/blog/ldd-arbitrary-code-execution/ | Exploit | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2011-1526.html | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=531160 | Exploit, Patch | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=682998 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/10 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/13 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/07/7 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/1 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/10 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/2 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/3 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/03/08/7 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://reverse.lostrealm.com/protect/ldd.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.catonmat.net/blog/ldd-arbitrary-code-execution/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1526.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=531160 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=682998 | Exploit, Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0648C0D-93C6-4A74-89E2-377E5456E2F0",
"versionEndIncluding": "2.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc."
},
{
"lang": "es",
"value": "**DISPUTADA** ldd en la Biblioteca de C de GNU (tambi\u00e9n conocida como glibc o libc6) v2.13 y anteriores permite a usuarios locales conseguir privilegios a trav\u00e9s de un troyano ejecutable enlazado con un cargador modificado que omite los controles LD_TRACE_LOADED_OBJECTS determinados. NOTA: El desarrollador de la libre\u00eda C de GNU dice \"Esto es un sinsentido. Hay tropecientas formas de introducir c\u00f3digo si la gente est\u00e1 descargando archivos binarios y los instala en directorios adecuados o establece LD_LIBRARY_PATH, etc. \""
}
],
"id": "CVE-2009-5064",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-30T22:55:01.330",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://reverse.lostrealm.com/protect/ldd.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.catonmat.net/blog/ldd-arbitrary-code-execution/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1526.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=682998"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-29 16:55
Modified
2025-04-12 10:46
Severity ?
Summary
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html | Third Party Advisory | |
| secalert@redhat.com | http://linux.oracle.com/errata/ELSA-2015-0092.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2014-1118.html | Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2014/Aug/69 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/60345 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/60358 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/60441 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/61074 | Third Party Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/61093 | Third Party Advisory | |
| secalert@redhat.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119 | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21685604 | Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2014/dsa-3012 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/07/14/1 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/08/13/5 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/68983 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/69738 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://code.google.com/p/google-security-research/issues/detail?id=96 | Third Party Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2014-1110.html | Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17187 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://linux.oracle.com/errata/ELSA-2015-0092.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-1118.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2014/Aug/69 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60345 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60358 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/60441 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/61074 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/61093 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21685604 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2014/dsa-3012 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/07/14/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/08/13/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68983 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69738 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://code.google.com/p/google-security-research/issues/detail?id=96 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2014-1110.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17187 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8768EA17-45CA-4B47-B9E6-D58D11C45B56",
"versionEndExcluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules."
},
{
"lang": "es",
"value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n __gconv_translit_find en gconv_trans.c en GNU C Library (tambi\u00e9n conocido como glibc) permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con la variable del entorno CHARSET y los m\u00f3dulos de transliteraci\u00f3n gconv."
}
],
"id": "CVE-2014-5119",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-29T16:55:11.513",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1118.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/69"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60345"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60358"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60441"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61074"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61093"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3012"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/13/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68983"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69738"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=96"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://googleprojectzero.blogspot.com/2014/08/the-poisoned-nul-byte-2014-edition.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://linux.oracle.com/errata/ELSA-2015-0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1118.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Aug/69"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/61093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-5119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/07/14/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/13/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2014-1110.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17187"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-26 02:29
Modified
2024-11-21 04:51
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/107160 | Broken Link | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://kc.mcafee.com/corporate/index?page=content&id=SB10278 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=24114 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9 | ||
| cve@mitre.org | https://support.f5.com/csp/article/K54823184 | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107160 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10278 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=24114 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K54823184 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | cloud_backup | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | steelstore_cloud_integrated_storage | - | |
| mcafee | web_gateway | * | |
| mcafee | web_gateway | * | |
| mcafee | web_gateway | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60F1CB2F-5B42-4134-8328-480F5F07932D",
"versionEndIncluding": "2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4433FEA1-564D-4592-BB12-1C194B543928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "386CB247-4434-46BB-8A58-258835A80C89",
"versionEndExcluding": "7.7.2.21",
"versionStartIncluding": "7.7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98F71D11-7579-4005-B3F8-4A4324E81BD3",
"versionEndExcluding": "7.8.2.8",
"versionStartIncluding": "7.8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D943214-14D8-47BC-BCF4-76B78EE95028",
"versionEndExcluding": "8.1.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match."
},
{
"lang": "es",
"value": "En la biblioteca GNU C (tambi\u00e9n conocida como glibc o libc6), hasta la versi\u00f3n 2.29, proceed_next_node en posix/regexec.c tiene una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) mediante un intento de coincidencia de expresiones regulares que no distinguen entre may\u00fasculas y min\u00fasculas."
}
],
"id": "CVE-2019-9169",
"lastModified": "2024-11-21T04:51:07.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-26T02:29:00.497",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K54823184"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K54823184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-18 19:29
Modified
2024-11-21 04:46
Severity ?
Summary
The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/106671 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202006-04 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=24097 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106671 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=24097 | Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60C9E29-AEFB-4A10-9E1C-1DC3C68FF0B8",
"versionEndIncluding": "2.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy."
},
{
"lang": "es",
"value": "El componente string en GNU C Library (tambi\u00e9n conocido como glibc o libc6) hasta la versi\u00f3n 2.28, cuando se ejecuta en la arquitectura x32, intenta usar de manera incorrecta un registro de 64 bits para \"size_t\" en c\u00f3digos de ensamblado, lo que puede provocar un fallo de segmentaci\u00f3n u otro impacto no especificado, tal y como queda demostrado con un cierre inesperado en __memmove_avx_unaligned_ermsen sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S durante un memcpy."
}
],
"id": "CVE-2019-6488",
"lastModified": "2024-11-21T04:46:32.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-18T19:29:00.200",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106671"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/106671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24097"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-24 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2021-3999 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2024637 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2021-3999 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20221104-0001/ | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=28769 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e | ||
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2022/01/24/4 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2021-3999 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2024637 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2021-3999 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221104-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28769 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2022/01/24/4 | Exploit, Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| debian | debian_linux | 10.0 | |
| netapp | e-series_performance_analyzer | - | |
| netapp | nfs_plug-in | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580654C1-5047-40F4-9518-2AACF59AC357",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:nfs_plug-in:*:*:*:*:*:vmware_vaai:*:*",
"matchCriteriaId": "67C3FDD1-BB06-4F30-BA15-4AA98212CB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en glibc. Un desbordamiento y subdesbordamiento de b\u00fafer en la funci\u00f3n getcwd() puede conllevar a una corrupci\u00f3n de memoria cuando el tama\u00f1o del b\u00fafer es exactamente 1. Un atacante local que pueda controlar el b\u00fafer de entrada y el tama\u00f1o pasado a getcwd() en un programa setuid podr\u00eda usar este fallo para ejecutar potencialmente c\u00f3digo arbitrario y escalar sus privilegios en el sistema."
}
],
"id": "CVE-2021-3999",
"lastModified": "2024-11-21T06:23:20.937",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-24T16:15:09.077",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3999"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-17 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2015-2172.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/78092 | ||
| secalert@redhat.com | http://www.securitytracker.com/id/1034196 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1262914 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Sep/7 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=17079 | ||
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-2172.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/78092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1034196 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1262914 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17079 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8",
"versionEndIncluding": "2.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database."
},
{
"lang": "es",
"value": "La funci\u00f3n get_contents en nss_files/files-XXX.c en el Name Service Switch (NSS) en GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.20 puede permitir a usuarios locales causar una denegaci\u00f3n de servicio (corrupci\u00f3n de pila) o ganar privilegios a trav\u00e9s de una larga fila en la base de datos de archivos NSS."
}
],
"id": "CVE-2015-5277",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-17T19:59:02.573",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2172.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/78092"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1034196"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262914"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17079"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/78092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-18 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/03/12/14 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1196745 | Third Party Advisory | |
| secalert@redhat.com | https://marc.info/?l=gimp-developer&m=129567990905823&w=2 | Exploit | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4 | Issue Tracking | |
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0 | ||
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/03/12/14 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1196745 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://marc.info/?l=gimp-developer&m=129567990905823&w=2 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A789ED-8F21-4477-A7E6-5018A4AB15BE",
"versionEndIncluding": "2.14.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s."
},
{
"lang": "es",
"value": "La funci\u00f3n scanf y las funciones relacionadas en glibc en versiones anteriores a la 2.15 permiten que usuarios locales provoquen una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) mediante una larga cadena de ceros."
}
],
"id": "CVE-2011-5320",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-18T14:29:00.217",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/12/14"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/12/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1196745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://marc.info/?l=gimp-developer\u0026m=129567990905823\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=13138#c4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=20b38e0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=3f8cc204fdd0"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-19 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | ||
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3481 | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/19/11 | Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/01/20/1 | Issue Tracking | |
| secalert@redhat.com | http://www.securityfocus.com/bid/83277 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18985 | Issue Tracking | |
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2017-0680.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3481 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/19/11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/01/20/1 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/83277 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1916 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18985 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | suse_linux_enterprise_server | 12 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | 23 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E32895-9C7B-4DE8-9BB5-0177406EB761",
"versionEndIncluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value."
},
{
"lang": "es",
"value": "La funci\u00f3n strftime en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.23 permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente obtener informaci\u00f3n sensible a trav\u00e9s de un valor de tiempo fuera de rango."
}
],
"id": "CVE-2015-8776",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-19T21:59:04.037",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/83277"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/83277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-05 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22375 | Exploit, Issue Tracking | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22375 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1B17E4-66FB-48F1-A417-2B502955257A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check."
},
{
"lang": "es",
"value": "La funci\u00f3n malloc en GNU C Library (tambi\u00e9n conocida como glibc o libc6) 2.26 podr\u00eda devolver un bloque de memoria demasiado peque\u00f1o si se intenta asignar un objeto cuyo tama\u00f1o se acerca a SIZE_MAX. Esto podr\u00eda conducir a un desbordamiento de memoria din\u00e1mica (heap). Esto ocurre debido a que la caracter\u00edstica de cach\u00e9 per-thread (tambi\u00e9n conocida como tcache) habilita una ruta de c\u00f3digo a la que le falta una comprobaci\u00f3n de desbordamiento de enteros."
}
],
"id": "CVE-2017-17426",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-05T17:29:00.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-01 14:29
Modified
2024-11-21 04:10
Severity ?
Summary
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/878159 | Issue Tracking, Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/102912 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3092 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0003/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22343 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4218-1/ | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | ||
| cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/878159 | Issue Tracking, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102912 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3092 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22343 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4218-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | communications_session_border_controller | 8.0.0 | |
| oracle | communications_session_border_controller | 8.1.0 | |
| oracle | communications_session_border_controller | 8.2.0 | |
| oracle | enterprise_communications_broker | 3.0.0 | |
| oracle | enterprise_communications_broker | 3.1.0 | |
| netapp | cloud_backup | - | |
| netapp | data_ontap_edge | - | |
| netapp | element_software | - | |
| netapp | element_software_management | - | |
| netapp | steelstore_cloud_integrated_storage | - | |
| netapp | storage_replication_adapter | * | |
| netapp | vasa_provider | * | |
| netapp | vasa_provider | 6.x | |
| netapp | virtual_storage_console | * | |
| netapp | virtual_storage_console | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495E9424-0BBA-4820-B793-031DDAC80417",
"versionEndIncluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4AF039-F3B6-45EB-A87E-8BCCF822AE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "404A4EE8-6572-4B35-8C6A-A3CB8F1308A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C9CFFB-0F3A-4E59-B6C9-9C8A20BB9B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C65C3-1B17-4362-A99C-59583081A24D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E63EEA7-05AB-4B1C-9061-AF357566DCDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:storage_replication_adapter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E82538D3-D912-4943-AFFB-34B8EBB33C6A",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider:*:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "C57F75D8-DF7A-49D1-BB27-FF21661107B3",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:vasa_provider:6.x:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "DFA159F3-FFE5-4488-9547-8649F285C0C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "B7B42CB6-3C14-4183-AFA8-C3682F8B54AB",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:virtual_storage_console:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D07062-AA59-49D9-9F27-F2024B873266",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption."
},
{
"lang": "es",
"value": "Un desbordamiento de enteros en la implementaci\u00f3n de posix_memalign en las funciones memalign en GNU C Library (tambi\u00e9n conocido como glibc o libc6) en versiones 2.26 y anteriores podr\u00eda provocar que estas funciones devuelvan un puntero a un \u00e1rea de la memoria din\u00e1mica (heap) demasiado peque\u00f1a, pudiendo corromper el heap."
}
],
"id": "CVE-2018-6485",
"lastModified": "2024-11-21T04:10:45.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-01T14:29:00.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://bugs.debian.org/878159"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102912"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://bugs.debian.org/878159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4218-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-04 15:15
Modified
2024-11-21 04:54
Severity ?
Summary
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20200327-0003/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=25487 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200327-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=25487 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| opensuse | leap | 15.1 | |
| netapp | active_iq_unified_manager | - | |
| netapp | cloud_backup | - | |
| netapp | hci_management_node | - | |
| netapp | solidfire | - | |
| netapp | steelstore_cloud_integrated_storage | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67E08705-E559-47C1-BA84-D9F88FFE9EBB",
"versionEndExcluding": "2.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c."
},
{
"lang": "es",
"value": "La biblioteca GNU C (tambi\u00e9n se conoce como glibc o libc6) versiones anteriores a 2.32, podr\u00eda desbordar un b\u00fafer sobre la pila durante una reducci\u00f3n de alcance si una entrada a una funci\u00f3n long double de 80 bits contiene un patr\u00f3n de bits no can\u00f3nico, como es visto cuando se pasa un valor 0x5d4141414141410000 hacia la funci\u00f3n sinl sobre sistemas destino de x86. Esto est\u00e1 relacionado con el archivo sysdeps/ieee754/ldbl-96/e_rem_pio2l.c."
}
],
"id": "CVE-2020-10029",
"lastModified": "2024-11-21T04:54:40.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-04T15:15:13.083",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200327-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTFUD5VH2GU3YOXA2KBQSBIDZRDWNZ3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU5JJGENOK7K4X5RYAA5PL647C6HD22E/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200327-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-12 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=16072 | Exploit | |
| secalert@redhat.com | https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=16072 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_server | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDAD2B2-386E-4DEA-A20E-0C2197E12089",
"versionEndIncluding": "2.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D5900A25-FDD7-4900-BF7C-F3ECCB714D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1914."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n getaddrinfo en sysdeps/posix/getaddrinfo.c de GNU C Library (tambi\u00e9n conocido como glibc o libc6) 2.18 y anteriores versiones permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de (1) un nombre de host o (2) direcci\u00f3n IP que desencadena un gran n\u00famero de resultados de direcci\u00f3n AF_INET6. NOTA: esta vulnerabilidad existe por un parche incompleto para CVE-2013-1914."
}
],
"id": "CVE-2013-4458",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-12T18:55:10.883",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-04 16:29
Modified
2024-11-21 03:58
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/106037 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1042174 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201903-09 | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201908-06 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190321-0003/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=23927 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408 | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106037 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1042174 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201903-09 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-06 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190321-0003/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=23927 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D60C9E29-AEFB-4A10-9E1C-1DC3C68FF0B8",
"versionEndIncluding": "2.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function."
},
{
"lang": "es",
"value": "En la biblioteca GNU C (tambi\u00e9n conocida como glibc o libc6) hasta la versi\u00f3n 2.28, los intentos para resolver un nombre de host manipulado mediante getaddrinfo() conducen a la asignaci\u00f3n de un descriptor de un socket que no est\u00e1 cerrado. Esto est\u00e1 relacionado con la funci\u00f3n if_nametoindex()."
}
],
"id": "CVE-2018-19591",
"lastModified": "2024-11-21T03:58:15.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-04T16:29:00.480",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106037"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1042174"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-09"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190321-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1042174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190321-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-14 07:15
Modified
2025-05-05 17:17
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=28768 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-24 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28768 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| oracle | communications_cloud_native_core_unified_data_repository | 22.2.0 | |
| oracle | enterprise_operations_monitor | 4.3 | |
| oracle | enterprise_operations_monitor | 4.4 | |
| oracle | enterprise_operations_monitor | 5.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580654C1-5047-40F4-9518-2AACF59AC357",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5453265-3BE1-4AF0-BE50-13C2EF67F49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93E0B297-A319-4961-976C-7DDA5A0B9353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF7DD-4D5D-410B-840F-99A8D7DEE4A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution."
},
{
"lang": "es",
"value": "La funci\u00f3n de compatibilidad obsoleta svcunix_create en el m\u00f3dulo sunrpc de la Biblioteca C de GNU (tambi\u00e9n conocida como glibc) hasta la versi\u00f3n 2.34 copia su argumento de ruta en la pila sin comprobar su longitud, lo que puede resultar en un desbordamiento del b\u00fafer, resultando potencialmente en una denegaci\u00f3n de servicio o (si una aplicaci\u00f3n no est\u00e1 construida con un protector de pila habilitado) la ejecuci\u00f3n de c\u00f3digo arbitrario"
}
],
"id": "CVE-2022-23218",
"lastModified": "2025-05-05T17:17:55.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-01-14T07:15:08.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-25 16:15
Modified
2024-11-21 08:41
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-5156 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2240541 | Issue Tracking, Patch | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=30884 | Issue Tracking, Patch | |
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796 | Mailing List, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/10/03/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-5156 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2240541 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=30884 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796 | Mailing List, Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71609239-5262-473E-ACCE-18AE51AB184E",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en la librer\u00eda GNU C. Una soluci\u00f3n reciente para CVE-2023-4806 introdujo la posibilidad de una p\u00e9rdida de memoria, lo que puede provocar un bloqueo de la aplicaci\u00f3n."
}
],
"id": "CVE-2023-5156",
"lastModified": "2024-11-21T08:41:10.837",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-25T16:15:15.613",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5156"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240541"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-5156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-07 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2010/Oct/344 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2023/Jul/31 | ||
| secalert@redhat.com | http://secunia.com/advisories/42787 | Vendor Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| secalert@redhat.com | http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html | Patch | |
| secalert@redhat.com | http://support.avaya.com/css/P8/documents/100121017 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2122 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:212 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2023/07/19/9 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2023/07/20/1 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0872.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/515545/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/44347 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1009-1 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0001.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0025 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=645672 | Patch | |
| secalert@redhat.com | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0793.html | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/44025/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2010/Oct/344 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Jul/31 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42787 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/css/P8/documents/100121017 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2122 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:212 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/07/19/9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/07/20/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0872.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/515545/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/44347 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1009-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0025 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=645672 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0793.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44025/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6748E242-7955-43A8-BBDC-64C1994E320E",
"versionEndIncluding": "2.11.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so."
},
{
"lang": "es",
"value": "ld.so en la librer\u00eda de GNU C (tambi\u00e9n conocida como glibc o libc6) anteriores a v2.11.3, y v2.12.x anteriores a v2.12.2, no restringen el uso de la variable de entorno LD_AUDIT para hacer referencia a objetos din\u00e1micos compartidos (DSO) como objetos de auditor\u00eda, que permite a usuarios locales conseguir privilegios mediante el aprovechamiento de un DSO inseguros ubicado en un directorio de la librer\u00eda de confianza, como lo demuestra libpcprofile.so."
}
],
"id": "CVE-2010-3856",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-07T19:00:17.843",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2010/Oct/344"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2023/Jul/31"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42787"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/css/P8/documents/100121017"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:212"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2023/07/20/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/44347"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645672"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0793.html"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2010/Oct/344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2023/Jul/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100121017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/07/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/44025/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-01 22:15
Modified
2024-11-21 05:35
Severity ?
Summary
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| talos-cna@cisco.com | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| talos-cna@cisco.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/ | ||
| talos-cna@cisco.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/ | ||
| talos-cna@cisco.com | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| talos-cna@cisco.com | https://sourceware.org/bugzilla/show_bug.cgi?id=25620 | Issue Tracking, Third Party Advisory | |
| talos-cna@cisco.com | https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202101-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=25620 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14922F88-7D7E-442F-A1FF-15B7A2745B6C",
"versionEndIncluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the \u0027num\u0027 parameter results in a signed comparison vulnerability. If an attacker underflows the \u0027num\u0027 parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de comparaci\u00f3n firmada explotable en la implementaci\u00f3n de la funci\u00f3n memcpy() de ARMv7 de GNU glibc versi\u00f3n 2.30.9000. Llamar a la funci\u00f3n memcpy() (en objetivos ARMv7 que utilizan la implementaci\u00f3n GNU glibc) con un valor negativo para el par\u00e1metro \"num\" resulta en una vulnerabilidad de comparaci\u00f3n firmada. Si un atacante desborda el par\u00e1metro \"num\" en la funci\u00f3n memcpy(), esta vulnerabilidad podr\u00eda conllevar a un comportamiento indefinido, como escribir en la memoria fuera de l\u00edmites y una potencial ejecuci\u00f3n de c\u00f3digo remota. Adem\u00e1s, esta implementaci\u00f3n de la funci\u00f3n memcpy() permite que la ejecuci\u00f3n del programa contin\u00fae en escenarios donde un fallo de segmentaci\u00f3n o bloqueo deber\u00eda haberse producido. Los peligros se presentan en que la ejecuci\u00f3n posterior y las iteraciones de este c\u00f3digo son ejecutadas con estos datos corruptos."
}
],
"id": "CVE-2020-6096",
"lastModified": "2024-11-21T05:35:05.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T22:15:18.503",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "talos-cna@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/"
},
{
"source": "talos-cna@cisco.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620"
},
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-195"
}
],
"source": "talos-cna@cisco.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-191"
},
{
"lang": "en",
"value": "CWE-681"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-27 20:15
Modified
2025-06-09 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2021/01/28/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210304-0007/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=27256 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888 | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/01/28/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210304-0007/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=27256 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | 1.5.0 | |
| fujitsu | m10-1_firmware | * | |
| fujitsu | m10-1 | - | |
| fujitsu | m10-4_firmware | * | |
| fujitsu | m10-4 | - | |
| fujitsu | m10-4s_firmware | * | |
| fujitsu | m10-4s | - | |
| fujitsu | m12-1_firmware | * | |
| fujitsu | m12-1 | - | |
| fujitsu | m12-2_firmware | * | |
| fujitsu | m12-2 | - | |
| fujitsu | m12-2_firmware | * | |
| fujitsu | m12-2 | - | |
| fujitsu | m12-2s_firmware | * | |
| fujitsu | m12-2s | - | |
| fujitsu | m10-1_firmware | * | |
| fujitsu | m10-1 | - | |
| fujitsu | m10-4_firmware | * | |
| fujitsu | m10-4 | - | |
| fujitsu | m10-4s_firmware | * | |
| fujitsu | m10-4s | - | |
| fujitsu | m12-1_firmware | * | |
| fujitsu | m12-1 | - | |
| fujitsu | m12-2_firmware | * | |
| fujitsu | m12-2 | - | |
| fujitsu | m12-2_firmware | * | |
| fujitsu | m12-2 | - | |
| fujitsu | m12-2s_firmware | * | |
| fujitsu | m12-2s | - | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "290E9831-5E7A-4EE8-9496-FF8C590038F2",
"versionEndIncluding": "2.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7402489D-85E5-4662-BF87-259740DC72F8",
"versionEndIncluding": "11.60.3",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEB09CA-9352-43CD-AF66-92BE416E039C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E63B7B2-409A-476E-BA12-2A2D2F3B85DE",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB5D4C9-DA14-4188-9181-17336F9445F6",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90B7CFBF-761C-4EAA-A322-EF5E294AADED",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E74AAF52-1388-4BD9-B17B-3A6A32CA3608",
"versionEndExcluding": "xcp2410",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A107698C-9C63-44A9-8A2B-81EDD5702B4C",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "983D27DE-BC89-454E-AE47-95A26A3651E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC0460E-4695-44FB-99EE-28B2C957B760",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5825AEE1-B668-40BD-86A9-2799430C742C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD54A092-85A7-4459-9C69-19E6E24AC24B",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA2D526-BDCF-4A65-914A-B3BA3A0CD613",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F813DBC-BA1E-4C73-AA11-1BD3F9508372",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0CF40B-E5BD-4558-9321-184D58EF621D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3C9C09-7B2B-4DB6-8BE0-35302ED35776",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416B805F-799A-4466-AC5A-93D083A2ABBD",
"versionEndExcluding": "xcp3110",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95503CE5-1D06-4092-A60D-D310AADCAFB1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service."
},
{
"lang": "es",
"value": "La funci\u00f3n iconv en la biblioteca GNU C (tambi\u00e9n se conoce como glibc o libc6) versiones 2.32 y anteriores, cuando procesa secuencias de entrada no v\u00e1lidas en la codificaci\u00f3n ISO-2022-JP-3, se produce un fallo una aserci\u00f3n en la ruta del c\u00f3digo y aborta el programa, potencialmente resultando en una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-3326",
"lastModified": "2025-06-09T16:15:32.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-01-27T20:15:14.020",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/28/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210304-0007/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/01/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210304-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-18 16:29
Modified
2024-11-21 03:19
Severity ?
Summary
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/fingolfin/memmove-bug | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190329-0001/ | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190401-0001/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22644 | Issue Tracking | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/fingolfin/memmove-bug | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190329-0001/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190401-0001/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22644 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE48C40-C85D-4EFE-8343-E8F54BE9AC27",
"versionEndIncluding": "2.27",
"versionStartIncluding": "2.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution."
},
{
"lang": "es",
"value": "Una implementaci\u00f3n memmove optimizada para SSE2 para i386 en sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S en GNU C Library (tambi\u00e9n conocida como glibc o libc6), desde la versi\u00f3n 2.21 hasta la 2.27 no realiza correctamente la comprobaci\u00f3n de solapamiento de memoria si el rango de memoria de origen se extiende por el medio del espacio de memoria. Esto resulta en que se produzcan datos corruptos en la operaci\u00f3n de copia. Esto podr\u00eda revelar informaci\u00f3n a atacantes que dependen del contexto o resultar en una denegaci\u00f3n de servicio (DoS) o una posible ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2017-18269",
"lastModified": "2024-11-21T03:19:43.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-18T16:29:00.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/fingolfin/memmove-bug"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/fingolfin/memmove-bug"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=cd66c0e584c6d692bc8347b5e72723d02b8a8ada"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-14 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=09f7764882a81e13e7b5d87d715412283a6ce403 | ||
| cve@mitre.org | http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=11475c083282c1582c4dd72eecfcb2b7d308c958 | ||
| cve@mitre.org | http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html | ||
| cve@mitre.org | http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/02/23/3 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/03/07/2 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/84601 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2985-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2985-2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=09f7764882a81e13e7b5d87d715412283a6ce403 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=11475c083282c1582c4dd72eecfcb2b7d308c958 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/02/23/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/03/07/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84601 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 | |
| debian | debian_linux | 8.0 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDAD2B2-386E-4DEA-A20E-0C2197E12089",
"versionEndIncluding": "2.18",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option."
},
{
"lang": "es",
"value": "pt_chown en el paquete glibc en versiones anteriores a 2.19-18+deb8u4 en Debian jessie; el paquete elibc en versiones anteriores a 2.15-0ubuntu10.14 en Ubuntu 12.04 LTS y en versiones anteriores a 2.19-0ubuntu6.8 en Ubuntu 14.04 LTS; y el paquete glibc en versiones anteriores a 2.21-0ubuntu4.2 en Ubuntu 15.10 y en versiones anteriores a 2.23-0ubuntu1 en Ubuntu 16.04 LTS y 16.10 carece de verificaci\u00f3n de paso de espacio de nombres asociado a la ejecuci\u00f3n del descriptor de archivo, lo que permite a usuarios locales capturar pulsaciones del teclado y suplantar datos, y posiblemente obtener privilegios, a trav\u00e9s de operaciones pts de lectura y escritura, relacionado con debian/sysdeps/linux.mk. NOTA: no est\u00e1 considerada una vulnerabilidad inicial en la GNU C Library porque la documentaci\u00f3n de distribuci\u00f3n tiene una clara recomendaci\u00f3n de seguridad frente a la opci\u00f3n --enable-pt_chown."
}
],
"id": "CVE-2016-2856",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-14T01:59:04.950",
"references": [
{
"source": "cve@mitre.org",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403"
},
{
"source": "cve@mitre.org",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958"
},
{
"source": "cve@mitre.org",
"url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/02/23/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/84601"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=09f7764882a81e13e7b5d87d715412283a6ce403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie\u0026id=11475c083282c1582c4dd72eecfcb2b7d308c958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/02/23/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/84601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-20 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/101521 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:1879 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22320 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101521 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1879 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22320 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495E9424-0BBA-4820-B793-031DDAC80417",
"versionEndIncluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string."
},
{
"lang": "es",
"value": "La biblioteca GNU C (tambi\u00e9n llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un error por un paso que conduce a un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en la funci\u00f3n glob en glob.c. Esto se relaciona con el procesamiento de directorios principales empleando el operador ~ seguido por una larga cadena."
}
],
"id": "CVE-2017-15670",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-20T17:29:00.240",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/101521"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22320"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-03 06:15
Modified
2025-03-26 15:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2023/02/10/1 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20230302-0010/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=30068 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/02/10/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230302-0010/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=30068 | Exploit, Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.37:*:*:*:*:*:*:*",
"matchCriteriaId": "AC1ACC29-6D0B-4599-9591-6DE176404D6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes."
},
{
"lang": "es",
"value": "sprintf en la librer\u00eda GNU C (glibc) 2.37 tiene un desbordamiento del b\u00fafer (escritura fuera de los l\u00edmites) en algunas situaciones con un tama\u00f1o de b\u00fafer correcto. Esto no tiene relaci\u00f3n con CWE-676. Puede escribir m\u00e1s all\u00e1 de los l\u00edmites del b\u00fafer de destino cuando intenta escribir una representaci\u00f3n de cadena rellenada y separada por miles de un n\u00famero, si al b\u00fafer se le asigna el tama\u00f1o exacto requerido para representar ese n\u00famero como una cadena. Por ejemplo, 1.234.567 (con relleno de 13) se desborda en dos bytes."
}
],
"id": "CVE-2023-25139",
"lastModified": "2025-03-26T15:15:48.237",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-03T06:15:09.523",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2023/02/10/1"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20230302-0010/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2023/02/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20230302-0010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30068"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-17 19:15
Modified
2024-11-21 05:11
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20200430-0002/ | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=25423 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202006-04 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200430-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=25423 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | enterprise_linux | 8.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "580654C1-5047-40F4-9518-2AACF59AC357",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de escritura fuera de l\u00edmites en glibc versiones anteriores a 2.31, cuando se manejaban trampolines de se\u00f1al en PowerPC. Concretamente, la funci\u00f3n backtrace no comprueba apropiadamente los l\u00edmites de la matriz cuando almacena la direcci\u00f3n de la trama, resultando en una denegaci\u00f3n de servicio o a una posible ejecuci\u00f3n de c\u00f3digo. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema."
}
],
"id": "CVE-2020-1751",
"lastModified": "2024-11-21T05:11:18.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-17T19:15:14.437",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200430-0002/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202006-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200430-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-01 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://frugalware.org/security/662 | ||
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| secalert@redhat.com | http://secunia.com/advisories/39900 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43830 | ||
| secalert@redhat.com | http://secunia.com/advisories/46397 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| secalert@redhat.com | http://securitytracker.com/id?1024043 | ||
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2058 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0412.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-944-1 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0863 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=559579 | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/59240 | ||
| secalert@redhat.com | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://frugalware.org/security/662 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39900 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43830 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024043 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0412.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-944-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0863 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=559579 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/59240 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A2ECE68-A401-45B2-8B78-FC61B63BB181",
"versionEndIncluding": "2.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request."
},
{
"lang": "es",
"value": "La macro \"encode_name\" en \"misc/mntent_r.c\" en la Librer\u00eda C GNU (tambi\u00e9n conocida como glibc or libc6) v2.11.1 y anteriores, como la usada por \"ncpmount\" y \"mount.cifs\" no maneja correctamente los caracteres de \"nueva l\u00ednea\" en los nombres de punto de montaje, que permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de mtab) o posiblemente modificar las opciones de montado y ganar privilegios, a trav\u00e9s de una petici\u00f3n de montaje manipulada"
}
],
"id": "CVE-2010-0296",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-01T20:30:02.790",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://frugalware.org/security/662"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/43830"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1024043"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559579"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frugalware.org/security/662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-27 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d | Exploit, Patch | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201309-01.xml | ||
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3368 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/07/12/3 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/07/12/6 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/07/13/1 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/07/15/1 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2755-1 | ||
| secalert@redhat.com | https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201309-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3368 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/07/12/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/07/12/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/07/13/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/07/15/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2755-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cmu | cyrus-sasl | * | |
| cmu | cyrus-sasl | 1.5.28 | |
| cmu | cyrus-sasl | 2.1.19 | |
| cmu | cyrus-sasl | 2.1.20 | |
| cmu | cyrus-sasl | 2.1.21 | |
| cmu | cyrus-sasl | 2.1.22 | |
| cmu | cyrus-sasl | 2.1.23 | |
| cmu | cyrus-sasl | 2.1.24 | |
| cmu | cyrus-sasl | 2.1.25 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.17 | |
| gnu | glibc | 2.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83AF5B23-4AE4-4C51-835F-1F56FDCF2211",
"versionEndIncluding": "2.1.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:1.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "392D237A-B796-461A-A1E7-66440641A2DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C2CA9C62-547C-41CD-84F5-83E81E92460A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "246D41C8-EC36-4A4B-B1E2-2576B3B8847F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6C10C223-E694-4B70-A18C-92AB77030A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "17D5998D-5E76-4C94-882F-71D7EBF195C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "6F102957-8951-4C5C-8933-75ABCA971818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0002F61E-4A9F-4BF1-B83D-4DCE0619367D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cmu:cyrus-sasl:2.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD67A37-1E0E-4F24-8258-CEC1BFD2788C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5491CD-F3D6-4B09-AE44-62285F6B462A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference."
},
{
"lang": "es",
"value": "SASL de Cyrus, 2.1.23, 2.1.26 y anteriores no trabaja correctamente cuando un valor NULL se devuelve a un error de la funci\u00f3n crypt como se aplica en glibc 2.17 y posteriores, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de hilo y el consumo) a trav\u00e9s de una \"salt\" no v\u00e1lido o, cuando FIPS-140 est\u00e1 activado, a contrase\u00f1as cifradas con DES o MD5, lo que desencadena una referencia a un puntero NULL"
}
],
"id": "CVE-2013-4122",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-27T00:55:03.773",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-01.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3368"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/13/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2755-1"
},
{
"source": "secalert@redhat.com",
"url": "https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/12/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2755-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.linuxquestions.org/questions/slackware-14/%5Bslackware-current%5D-glibc-2-17-shadow-and-other-penumbrae-4175461061/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-02 14:55
Modified
2025-04-11 00:51
Severity ?
Summary
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78E4362C-F0B7-482C-AABD-F34E35ABCE85",
"versionEndIncluding": "2.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections."
},
{
"lang": "es",
"value": "La funci\u00f3n svc_run en la implementaci\u00f3n RPC en glibc anterior a v2.15 que permite a atacantes remotos causar una denegaci\u00f3n de servicios (consumo de CPU) a trav\u00e9s de una gran n\u00famero de conexiones RPC."
}
],
"id": "CVE-2011-4609",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-02T14:55:01.930",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=767299"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-17 02:59
Modified
2025-04-20 01:37
Severity ?
Summary
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/08/02/5 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/92257 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=19257 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7 | ||
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/08/02/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92257 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19257 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html | Release Notes |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE77B607-61C0-45A2-8591-14CF4C0AED39",
"versionEndIncluding": "2.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures."
},
{
"lang": "es",
"value": "Fuga de memoria en la funci\u00f3n __res_vinit en el c\u00f3digo de gesti\u00f3n del servidor de nombres IPv6 en libresolv en GNU C Library (tambi\u00e9n conocido como glibc o libc6) en versiones anteriores a 2.24 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) aprovechando la inicializaci\u00f3n parcial de las estructuras internas de datos de resoluci\u00f3n."
}
],
"id": "CVE-2016-5417",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-17T02:59:13.310",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/02/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92257"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/02/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-02 01:59
Modified
2025-04-20 01:37
Severity ?
Summary
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2017/03/01/10 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/96525 | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202101-20 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=19519 | Issue Tracking | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=26224 | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2017/03/01/10 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202101-20 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19519 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=26224 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3B907D-79AF-44AC-BD23-C369CD6AE173",
"versionEndIncluding": "2.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service."
},
{
"lang": "es",
"value": "El programa iconv de la Biblioteca C de GNU (tamb\u00eden conocido como glibc o libc6) versi\u00f3n 2.31 y anteriores, cuando es invocado con m\u00faltiples sufijos en la codificaci\u00f3n de destino (TRANSLATE o IGNORE) junto con la opci\u00f3n -c, entra en un bucle infinito al procesar secuencias de entrada multibyte inv\u00e1lidas, lo que lleva a una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2016-10228",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-02T01:59:00.143",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2017/03/01/10"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/96525"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"source": "cve@mitre.org",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2017/03/01/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202101-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-07 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/05/05/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/98339 | Broken Link | |
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7 | Issue Tracking, Patch | |
| cve@mitre.org | https://seclists.org/oss-sec/2017/q2/228 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=21461 | Issue Tracking, Patch | |
| cve@mitre.org | https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html | ||
| cve@mitre.org | https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html | ||
| cve@mitre.org | https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/05/05/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98339 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/oss-sec/2017/q2/228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=21461 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html | Issue Tracking, Patch |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "36AD162E-4C9C-48A5-B2BF-9C0B4BDD5822",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references"
},
{
"lang": "es",
"value": "**EN DISPUTA** Las funciones xdr_bytes y xdr_string en la librer\u00eda GNU C (conocida como glibc o libc6) 2.25 no maneja adecuadamente los fallos de deserializaci\u00f3n de buffer, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de paquetes UDP manipulados en el puerto 111, un problema relacionado con CVE-2017-8779. NOTA: [Informaci\u00f3n suministrada por el usuario y referencias]"
}
],
"id": "CVE-2017-8804",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-07T18:29:00.157",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/05/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/98339"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/oss-sec/2017/q2/228"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/05/05/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/98339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1037559#c7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/oss-sec/2017/q2/228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00128.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/legacy-ml/libc-alpha/2017-05/msg00129.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-18 16:29
Modified
2024-11-21 03:42
Severity ?
Summary
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104255 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:3092 | Patch, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190329-0001/ | Broken Link | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190401-0001/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22786 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2 | ||
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | ||
| cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104255 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:0327 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3092 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190329-0001/ | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190401-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22786 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| redhat | virtualization_host | 4.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| oracle | communications_session_border_controller | 8.0.0 | |
| oracle | communications_session_border_controller | 8.1.0 | |
| oracle | communications_session_border_controller | 8.2.0 | |
| oracle | enterprise_communications_broker | 3.0.0 | |
| oracle | enterprise_communications_broker | 3.1.0 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software_management | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D63BD8-48E5-437B-AD45-F7EE4AD52EE0",
"versionEndIncluding": "2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4AF039-F3B6-45EB-A87E-8BCCF822AE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "404A4EE8-6572-4B35-8C6A-A3CB8F1308A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17C9CFFB-0F3A-4E59-B6C9-9C8A20BB9B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E11C65C3-1B17-4362-A99C-59583081A24D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E63EEA7-05AB-4B1C-9061-AF357566DCDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."
},
{
"lang": "es",
"value": "stdlib/canonicalize.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6), en versiones 2.27 y anteriores, al procesar argumentos con un nombre de ruta muy largo en la funci\u00f3n realpath, podr\u00eda encontrarse con un desbordamiento de enteros en arquitecturas de 32 bits. Esto podr\u00eda desembocar en un desbordamiento de b\u00fafer basado en pila y en una potencial ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2018-11236",
"lastModified": "2024-11-21T03:42:57.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-18T16:29:00.353",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104255"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://security.netapp.com/advisory/ntap-20190329-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190401-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-04 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://hmarco.org/bugs/CVE-2013-4788.html | Exploit, Patch | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2015/Sep/23 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2013/07/15/9 | Exploit, Patch | |
| cve@mitre.org | http://www.securityfocus.com/bid/61183 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://hmarco.org/bugs/CVE-2013-4788.html | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2015/Sep/23 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/07/15/9 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/61183 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | eglibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EA2A91-4CBF-4AF4-9776-BF9EFDA67CDF",
"versionEndIncluding": "2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB89B5AD-38B6-4BB2-A150-90A7807BE024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address."
},
{
"lang": "es",
"value": "La implementaci\u00f3n PTR_MANGLE en la GNU C Library (librer\u00eda tambi\u00e9n conocida como glibc o libc6) 2.4, 2.17 y versiones anteriores y Embedded GLIBC (EGLIBC) no inicia el valor aleatorio para la guardia de puntero, lo que facilita a atacantes dependientes del contexto controlar la ejecuci\u00f3n de flujo aprovechando una vulnerabilidad de desbordamiento de b\u00fafer en una aplicaci\u00f3n y utilizando el valor cero conocido guardia de puntero para calcular la direcci\u00f3n de puntero."
}
],
"evaluatorComment": "Additional information that was taken into consideration while scoring:\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=985625",
"id": "CVE-2013-4788",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-04T17:55:09.960",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://hmarco.org/bugs/CVE-2013-4788.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Sep/23"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/9"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/61183"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://hmarco.org/bugs/CVE-2013-4788.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Sep/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/15/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-05 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.debian.org/security/2015/dsa-3142 | Third Party Advisory | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | Broken Link | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/08/29/3 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2014/09/02/1 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/69472 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2432-1 | Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=14134 | Exploit, Issue Tracking | |
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3142 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/08/29/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/09/02/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/69472 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2432-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=14134 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "786931ED-C141-460F-954C-8B9C6D6FC951",
"versionEndIncluding": "2.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8."
},
{
"lang": "es",
"value": "iconvdata/ibm930.c en GNU C Library (tambi\u00e9n conocido como glibc) anterior a 2.16 permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (lectura fuera de rango) a trav\u00e9s de un valor de caracteres de multibytes de \u00270xffff\u0027 en la funci\u00f3n iconv cuando convierte datos codificados de IBM930 a UTF-8."
}
],
"id": "CVE-2012-6656",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-05T16:59:00.067",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/08/29/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/09/02/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/69472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=14134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=6e230d11837f3ae7b375ea69d7905f0d18eb79e5"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-27 20:55
Modified
2025-04-12 10:46
Severity ?
Summary
Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://seclists.org/oss-sec/2011/q3/123 | ||
| secalert@redhat.com | http://seclists.org/oss-sec/2011/q3/153 | ||
| secalert@redhat.com | http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032 | ||
| secalert@redhat.com | http://www.nodefense.org/eglibc.txt | ||
| secalert@redhat.com | http://www.osvdb.org/80718 | ||
| secalert@redhat.com | http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/ | Exploit | |
| secalert@redhat.com | https://bugzilla.novell.com/show_bug.cgi?id=706915 | ||
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2011/q3/123 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2011/q3/153 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.nodefense.org/eglibc.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/80718 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.novell.com/show_bug.cgi?id=706915 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81FC02B2-EEB1-40EA-ADE5-479ED3FC11A7",
"versionEndIncluding": "2.12.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "860D5A05-DC7D-4CB7-A22A-3C7DD8E0897D",
"versionEndIncluding": "2.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function."
},
{
"lang": "es",
"value": "Error de signo de enteros en Glibc anterior a 2.13 y eglibc anterior a 2.13, cuando utiliza la optimizaci\u00f3n Supplemental Streaming SIMD Extensions 3 (SSSE3), permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un par\u00e1metro de longitud negativo en (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, o (3) memset-sse2.S en sysdeps/i386/i686/multiarch/, lo que provoca una lectura fuera de rango, tal y como fue demostrado mediante el uso de la funci\u00f3n memcpy."
}
],
"id": "CVE-2011-2702",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-27T20:55:22.313",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/oss-sec/2011/q3/123"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/oss-sec/2011/q3/153"
},
{
"source": "secalert@redhat.com",
"url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup\u0026pathrev=10032"
},
{
"source": "secalert@redhat.com",
"url": "http://www.nodefense.org/eglibc.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/80718"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2011/q3/123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/oss-sec/2011/q3/153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup\u0026pathrev=10032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nodefense.org/eglibc.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/80718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=706915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-07 19:00
Modified
2025-04-11 00:51
Severity ?
Summary
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://seclists.org/fulldisclosure/2010/Oct/257 | Exploit | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2010/Oct/292 | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2010/Oct/294 | ||
| secalert@redhat.com | http://secunia.com/advisories/42787 | Vendor Advisory | |
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| secalert@redhat.com | http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html | Patch | |
| secalert@redhat.com | http://support.avaya.com/css/P8/documents/100120941 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2122 | ||
| secalert@redhat.com | http://www.kb.cert.org/vuls/id/537223 | US Government Resource | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0872.html | ||
| secalert@redhat.com | http://www.securityfocus.com/archive/1/515545/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/44154 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1009-1 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0001.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0025 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=643306 | Patch | |
| secalert@redhat.com | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0787.html | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/44024/ | ||
| secalert@redhat.com | https://www.exploit-db.com/exploits/44025/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2010/Oct/257 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2010/Oct/292 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2010/Oct/294 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42787 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/css/P8/documents/100120941 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2122 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/537223 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0872.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/515545/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/44154 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1009-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0025 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=643306 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0787.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44024/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44025/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6748E242-7955-43A8-BBDC-64C1994E320E",
"versionEndIncluding": "2.11.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory."
},
{
"lang": "es",
"value": "elf/dl-load.c de ld.so en la Biblioteca GNU C (tambi\u00e9n conocida como glibc o libc6) hasta v2.11.2, y v2.12.x hasta v2.12.1 no maneja adecuadamente un valor de $ORIGIN de la variable de entorno LD_AUDIT, esto permite a usuarios locales aumentar sus privilegios mediante un objeto din\u00e1mico compartido (DSO) ubicado en un directorio aleatorio."
}
],
"id": "CVE-2010-3847",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-07T19:00:17.780",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/257"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2010/Oct/292"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2010/Oct/294"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42787"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/css/P8/documents/100120941"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/537223"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:207"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/44154"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=643306"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0787.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/44024/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/44025/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2010/Oct/257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2010/Oct/292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2010/Oct/294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100120941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/537223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0872.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1009-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=643306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0787.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/44024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/44025/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-08 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2015/02/04/1 | ||
| cve@mitre.org | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| cve@mitre.org | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| cve@mitre.org | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/72428 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2519-1 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/14 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Sep/7 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201602-02 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 | ||
| cve@mitre.org | https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2015/02/04/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2519-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| gnu | glibc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA913F6A-63A0-468F-A0E0-66748E337246",
"versionEndIncluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call."
},
{
"lang": "es",
"value": "El macro ADDW en stdio-common/vfscanf.c en la librar\u00eda GNU C (tambi\u00e9n conocida como glibc o libc6) anterior a 2.21 no considera correctamente el tama\u00f1o de datos de estado durante la reserva de memoria, lo que permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (desbordamiento de buffer) o posiblemente tener otro impacto no especificado a trav\u00e9s de una l\u00ednea larga que contiene caracteres anchos que se manejen incorrectamente en una llamada wscanf."
}
],
"id": "CVE-2015-1472",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-08T10:59:02.673",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/72428"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2015/02/04/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2519-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-31 14:15
Modified
2024-11-21 08:43
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Third Party Advisory | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2024/Feb/5 | Exploit, Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-6246 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2249053 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20240216-0007/ | ||
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Feb/5 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-6246 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2249053 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240216-0007/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5618FB1A-596C-4054-8DB6-7A9F189D9AFC",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria en la funci\u00f3n __vsyslog_internal de la librer\u00eda glibc. Esta funci\u00f3n es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando no se llam\u00f3 a la funci\u00f3n openlog, o se llam\u00f3 con el argumento ident establecido en NULL, y el nombre del programa (el nombre base de argv[0]) tiene m\u00e1s de 1024 bytes, lo que provoca un bloqueo de la aplicaci\u00f3n o una escalada de privilegios locales. Este problema afecta a glibc 2.36 y versiones posteriores."
}
],
"id": "CVE-2023-6246",
"lastModified": "2024-11-21T08:43:27.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-31T14:15:48.420",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6246"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249053"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "secalert@redhat.com",
"url": "https://security.netapp.com/advisory/ntap-20240216-0007/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240216-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-10 18:15
Modified
2025-04-11 00:51
Severity ?
Summary
The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1589-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=833703 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=12445 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1098.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1200.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/07/11/17 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1589-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=833703 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=12445 | Exploit, Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.12 | |
| redhat | enterprise_virtualization | 3.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| redhat | enterprise_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers."
},
{
"lang": "es",
"value": "La funci\u00f3n vfprintf en stdio-common/vfprintf.c en libc en GNU C Library (tambi\u00e9n conocido como glibc) 2.12 y otras versiones no calcula correctamente una longitud de buffer, lo que permite a atacantes dependientes de contexto evadir el mecanismo de protecci\u00f3n de cadenas de formato FORTIFY_SOURCE y causar una denegaci\u00f3n de servicio (corrupci\u00f3n de pila y ca\u00edda) a trav\u00e9s de una cadena de formato que utiliza par\u00e1metros posicionales y muchos especificadores de formato."
}
],
"id": "CVE-2012-3404",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:10.013",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=12445"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-15 04:15
Modified
2024-11-21 04:17
Severity ?
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| josh@bress.net | http://www.securityfocus.com/bid/109162 | Third Party Advisory, VDB Entry | |
| josh@bress.net | https://security-tracker.debian.org/tracker/CVE-2019-1010024 | ||
| josh@bress.net | https://sourceware.org/bugzilla/show_bug.cgi?id=22852 | Exploit, Issue Tracking, Third Party Advisory | |
| josh@bress.net | https://support.f5.com/csp/article/K06046097 | ||
| josh@bress.net | https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS | ||
| josh@bress.net | https://ubuntu.com/security/CVE-2019-1010024 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109162 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2019-1010024 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22852 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K06046097 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K06046097?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ubuntu.com/security/CVE-2019-1010024 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "josh@bress.net",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
},
{
"lang": "es",
"value": "** EN DISPUTA ** La biblioteca Libc actual de GNU est\u00e1 afectada por: Omisi\u00f3n de Mitigaci\u00f3n. El impacto es que: el atacante puede omitir la funcionalidad ASLR utilizando la cach\u00e9 del subproceso (hilo) stack y heap. El componente es: glibc. NOTA: Los comentarios de arriba indican que \"esto est\u00e1 siendo tratado como un error de seguridad y no una amenaza real\""
}
],
"id": "CVE-2019-1010024",
"lastModified": "2024-11-21T04:17:55.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-15T04:15:13.473",
"references": [
{
"source": "josh@bress.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109162"
},
{
"source": "josh@bress.net",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
},
{
"source": "josh@bress.net",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"source": "josh@bress.net",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "josh@bress.net",
"url": "https://ubuntu.com/security/CVE-2019-1010024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K06046097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K06046097?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/CVE-2019-1010024"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-16 20:15
Modified
2025-06-17 14:09
Severity ?
Summary
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/bugzilla/show_bug.cgi?id=32976 | Issue Tracking | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/05/16/7 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/05/17/2 | Exploit, Mailing List |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29CCC9F6-2130-4DA8-8B5D-7A00337CBC0A",
"versionEndIncluding": "2.38",
"versionStartIncluding": "2.27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo)."
},
{
"lang": "es",
"value": "La vulnerabilidad de la variable de entorno no confiable LD_LIBRARY_PATH en GNU C Library versi\u00f3n 2.27 a 2.38 permite al atacante cargar, controlada por un atacante, una librer\u00eda compartida din\u00e1micamente en binarios setuid compilados est\u00e1ticamente que llaman a dlopen (incluidas las llamadas internas a dlopen despu\u00e9s de setlocale o las llamadas a funciones NSS como getaddrinfo)."
}
],
"id": "CVE-2025-4802",
"lastModified": "2025-06-17T14:09:23.137",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-05-16T20:15:22.280",
"references": [
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Patch"
],
"url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2025/05/16/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2025/05/17/2"
}
],
"sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-09 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1411.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/09/12/6 | Patch | |
| secalert@redhat.com | http://www.securityfocus.com/bid/62324 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=15855 | Exploit | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=15856 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=15857 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1411.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/09/12/6 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/62324 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=15855 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=15856 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=15857 | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 | |
| gnu | glibc | 2.17 | |
| redhat | enterprise_linux | 5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDAD2B2-386E-4DEA-A20E-0C2197E12089",
"versionEndIncluding": "2.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de enteros en malloc/malloc.c de GNU C Library (tambi\u00e9n conocida como glibc o libc6) 2.18 y anteriores versiones permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de un valor largo de funciones (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, o (5) aligned_alloc."
}
],
"id": "CVE-2013-4332",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-09T22:55:02.667",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1411.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/12/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/62324"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15855"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15856"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1411.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/12/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=15857"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-01 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/100598 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| cve@mitre.org | https://arxiv.org/pdf/1205.4011.pdf | Technical Description, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=21361 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100598 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:0805 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://arxiv.org/pdf/1205.4011.pdf | Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=21361 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3B907D-79AF-44AC-BD23-C369CD6AE173",
"versionEndIncluding": "2.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation."
},
{
"lang": "es",
"value": "La herramienta de resoluci\u00f3n de zonas stub de DNS en la librer\u00eda GNU C, tambi\u00e9n conocida como glibc o libc6, en sus versiones anteriores a la 2.26 cuando el soporte EDNS est\u00e1 activado, solicitar\u00e1 respuestas UDP de gran tama\u00f1o de servidores de nombres, pudiendo simplificar los ataques de suplantaci\u00f3n de DNS debido a una fragmentaci\u00f3n de IP."
}
],
"id": "CVE-2017-12132",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-01T16:29:00.180",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/100598"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/1205.4011.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/100598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://arxiv.org/pdf/1205.4011.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21361"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P | ||
| cve@mitre.org | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082 | ||
| cve@mitre.org | http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1 | ||
| cve@mitre.org | http://www.info.apple.com/usen/security/security_updates.html | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10539.php | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/266817 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/6103 | Vendor Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.info.apple.com/usen/security/security_updates.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10539.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/266817 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6103 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| sgi | irix | 2.3.1 | |
| sgi | irix | 6.5 | |
| sgi | irix | 6.5.1 | |
| sgi | irix | 6.5.2 | |
| sgi | irix | 6.5.3 | |
| sgi | irix | 6.5.4 | |
| sgi | irix | 6.5.5 | |
| sgi | irix | 6.5.6 | |
| sgi | irix | 6.5.7 | |
| sgi | irix | 6.5.8 | |
| sgi | irix | 6.5.9 | |
| sgi | irix | 6.5.10 | |
| sgi | irix | 6.5.11 | |
| sgi | irix | 6.5.12 | |
| sgi | irix | 6.5.13 | |
| sgi | irix | 6.5.14f | |
| sgi | irix | 6.5.14m | |
| sgi | irix | 6.5.15f | |
| sgi | irix | 6.5.15m | |
| sgi | irix | 6.5.16f | |
| sgi | irix | 6.5.16m | |
| sgi | irix | 6.5.17f | |
| sgi | irix | 6.5.17m | |
| apple | mac_os_x | 10.0 | |
| apple | mac_os_x | 10.0.1 | |
| apple | mac_os_x | 10.0.2 | |
| apple | mac_os_x | 10.0.3 | |
| apple | mac_os_x | 10.0.4 | |
| apple | mac_os_x | 10.1 | |
| apple | mac_os_x | 10.1.1 | |
| apple | mac_os_x | 10.1.2 | |
| apple | mac_os_x | 10.1.3 | |
| apple | mac_os_x | 10.1.4 | |
| apple | mac_os_x | 10.1.5 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x | 10.2.1 | |
| apple | mac_os_x_server | 10.0 | |
| apple | mac_os_x_server | 10.2 | |
| apple | mac_os_x_server | 10.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C19DFA-9EF4-4892-987D-0153A545B613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*",
"matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*",
"matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*",
"matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*",
"matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang)."
},
{
"lang": "es",
"value": "La funcionalidad RPC de Sun en m\u00faltiples implementaciones de libc no provee de un mecanismo de exceso de tiempo cuando se leen datos de conexiones TCP, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue)"
}
],
"id": "CVE-2002-1265",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1"
},
{
"source": "cve@mitre.org",
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10539.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/266817"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6103"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10539.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/266817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2248"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-20 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/02/26/5 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/72789 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=18032 | Issue Tracking, Patch | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185 | ||
| cve@mitre.org | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/02/26/5 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72789 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18032 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CAD5CA-C7C1-4567-8E5B-FCA4DA4D516D",
"versionEndIncluding": "2.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "La funci\u00f3n fnmatch en GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.22 podr\u00eda permitir a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un patr\u00f3n malformado, que desencadena una lectura fuera de l\u00edmites."
}
],
"id": "CVE-2015-8984",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-20T16:59:01.500",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72789"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/26/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4a28f4d55a6cc33474c0792fe93b5942d81bf185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc | ||
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/10295.php | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/738331 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-197.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-258.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-022.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-212.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10295.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/738331 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-197.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-258.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-022.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-212.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5272D01-D7FC-41DA-B565-9054AA55FABD",
"versionEndIncluding": "2.2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary (\"read buffer overflow\"), allowing remote attackers to cause a denial of service (crash)."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el c\u00f3digo de resoluci\u00f3n de glib 2.2.5 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (caida) mediante una operaci\u00f3n de lectura en paquetes DNS largos."
}
],
"id": "CVE-2002-1146",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000535"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10295.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/738331"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-197.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-258.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-022.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-212.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10295.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/738331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-197.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-258.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-212.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-15 19:59
Modified
2025-04-20 01:37
Severity ?
Summary
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/02/13/3 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/72602 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=16009 | Issue Tracking, Patch | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/02/13/3 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72602 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=16009 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA913F6A-63A0-468F-A0E0-66748E337246",
"versionEndIncluding": "2.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n strxfrm en la GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.21 permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga, lo que desencadena un desbordamiento de b\u00fafer basado en pila."
}
],
"id": "CVE-2015-8982",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-15T19:59:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/13/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72602"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/02/13/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=0f9e585480ed"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-20 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/76916 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201908-06 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76916 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201908-06 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4959A9E5-70A1-4E9D-99BA-DF6C98ED8B34",
"versionEndExcluding": "2.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing."
},
{
"lang": "es",
"value": "La funci\u00f3n pop_fail_stack en GNU C Library (tambi\u00e9n conocida como glibc o libc6) permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con el procesamiento extendido de expresiones regulares."
}
],
"id": "CVE-2015-8985",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-20T16:59:01.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76916"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201908-06"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-08 15:17
Modified
2025-04-11 00:51
Severity ?
Summary
ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/46397 | ||
| cve@mitre.org | http://sourceware.org/bugzilla/show_bug.cgi?id=12393 | Patch | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=667974 | Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/66820 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=12393 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=667974 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/66820 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C95B740-039D-40BB-BC5B-8D6790E90607",
"versionEndIncluding": "2.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program."
},
{
"lang": "es",
"value": "ld.so en la librer\u00eda C GNU (tambi\u00e9n conocida como glibc o libc6) v2.13 y anteriores expande la cadena din\u00e1mica $ORIGEN cuando $RPATH esta compuesta de este token, lo que podr\u00eda permitir a usuarios locales obtener privilegios mediante la creaci\u00f3n de un enlace duro en un directorio arbitrario para (1) setuid o (2) un programa setgid con este valor RPATH,y ejecutar el programa con el valor manipulado para la variable de entorno LD_PRELOAD, una vulnerabilidad diferente de CVE-2010-3847 y CVE-2011-0536. NOTA: no se espera que cualquier tipo de distribuci\u00f3n envie un programa setuid o setgid aplicable."
}
],
"id": "CVE-2011-1658",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-08T15:17:28.493",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=12393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66820"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-04 13:15
Modified
2024-11-21 01:55
Severity ?
Summary
slim has NULL pointer dereference when using crypt() method from glibc 2.17
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/10/09/6 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/62906 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2013-4412 | Broken Link, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/89675 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2013-4412 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/10/09/6 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/62906 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2013-4412 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/89675 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-4412 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| berlios | slim | * | |
| gnu | glibc | * | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:berlios:slim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3312E8CA-64E1-47AF-873D-3106AD072DEB",
"versionEndExcluding": "1.3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FC3D0A-4B6C-4619-AB5C-5BEC07AB20F1",
"versionStartIncluding": "2.17",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "slim has NULL pointer dereference when using crypt() method from glibc 2.17"
},
{
"lang": "es",
"value": "slim presenta una desreferencia del puntero NULL cuando es usado el m\u00e9todo crypt() de glibc versi\u00f3n 2.17."
}
],
"id": "CVE-2013-4412",
"lastModified": "2024-11-21T01:55:31.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T13:15:10.357",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/62906"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4412"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/10/09/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/62906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4412"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-04 20:15
Modified
2024-11-21 06:29
Severity ?
Summary
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=28524 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28524 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.34 | |
| oracle | communications_cloud_native_core_binding_support_function | 22.1.3 | |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | 22.1.0 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.1.2 | |
| oracle | communications_cloud_native_core_network_repository_function | 22.2.0 | |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | 22.1.1 | |
| oracle | communications_cloud_native_core_unified_data_repository | 22.2.0 | |
| oracle | enterprise_operations_monitor | 4.3 | |
| oracle | enterprise_operations_monitor | 4.4 | |
| oracle | enterprise_operations_monitor | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F6C033-0739-43A2-B661-B8C72F3CDD03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDB6772-7FDB-45FF-8D72-952902A7EE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A264E0DE-209D-49B1-8B26-51AB8BBC97F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B40FAF9-0A6B-41C4-8CAD-D3D1DD982C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5453265-3BE1-4AF0-BE50-13C2EF67F49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "93E0B297-A319-4961-976C-7DDA5A0B9353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_operations_monitor:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF7DD-4D5D-410B-840F-99A8D7DEE4A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious \u0027\\0\u0027 character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states \"the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there\u0027s no security impact to the bug."
},
{
"lang": "es",
"value": "** EN DISPUTA ** En el archivo iconvdata/iso-2022-jp-3.c de la Biblioteca C de GNU (tambi\u00e9n conocida como glibc) 2.34, los atacantes remotos pueden forzar a iconv() a emitir un car\u00e1cter espurio \u0027\\0\u0027 a trav\u00e9s de datos ISO-2022-JP-3 manipulados que van acompa\u00f1ados de un reinicio de estado interno. Esto puede afectar a la integridad de los datos en ciertos casos de uso de iconv(). NOTA: el proveedor afirma que \"el fallo no puede ser invocado a trav\u00e9s de la entrada del usuario y requiere que iconv sea invocado con un inbuf NULL, lo que deber\u00eda requerir un fallo de aplicaci\u00f3n separado para hacerlo involuntariamente. Por lo tanto, el fallo no tiene impacto en la seguridad\"."
}
],
"id": "CVE-2021-43396",
"lastModified": "2024-11-21T06:29:09.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-04T20:15:09.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.tuxcare.com/vulnerability/vulnerability-in-iconv-identified-by-tuxcare-team-cve-2021-43396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ff012870b2c02a62598c04daa1e54632e020fd7d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 15:15
Modified
2025-06-09 15:15
Severity ?
2.5 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2.5 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
2.5 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=27462 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=27462 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "174E5B68-7057-43C3-9294-D0C9DA73B1D3",
"versionEndIncluding": "2.33",
"versionStartIncluding": "2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c."
},
{
"lang": "es",
"value": "El demonio de almacenamiento en cach\u00e9 nameserver (nscd) en el GNU C Library (tambi\u00e9n se conoce como glibc o libc6) versiones 2.29 hasta 2.33, cuando se procesa una petici\u00f3n de b\u00fasqueda de netgroup, puede cometer un fallo debido a una doble liberaci\u00f3n, potencialmente resultando en un servicio degradado o denegaci\u00f3n de servicio en el sistema local.\u0026#xa0;Esto est\u00e1 relacionado con el archivo netgroupcache.c"
}
],
"id": "CVE-2021-27645",
"lastModified": "2025-06-09T15:15:25.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-02-24T15:15:13.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104810574423662&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104811415301340&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104860855114117&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104878237121402&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=105362148313082&w=2 | ||
| cve@mitre.org | http://www.cert.org/advisories/CA-2003-10.html | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.debian.org/security/2003/dsa-266 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-272 | ||
| cve@mitre.org | http://www.debian.org/security/2003/dsa-282 | ||
| cve@mitre.org | http://www.eeye.com/html/Research/Advisories/AD20030318.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/516825 | US Government Resource | |
| cve@mitre.org | http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:037 | ||
| cve@mitre.org | http://www.novell.com/linux/security/advisories/2003_027_glibc.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-051.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-052.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-089.html | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-091.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/315638/30/25430/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/316931/30/25250/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/316960/30/25250/threaded | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20150122-0002/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104810574423662&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104811415301340&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104860855114117&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104878237121402&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=105362148313082&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2003-10.html | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-266 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-272 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-282 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.eeye.com/html/Research/Advisories/AD20030318.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/516825 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:037 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2003_027_glibc.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-051.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-052.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-089.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-091.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/315638/30/25430/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/316931/30/25250/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/316960/30/25250/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20150122-0002/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| mit | kerberos_5 | 1.2 | |
| mit | kerberos_5 | 1.2.1 | |
| mit | kerberos_5 | 1.2.2 | |
| mit | kerberos_5 | 1.2.3 | |
| mit | kerberos_5 | 1.2.4 | |
| mit | kerberos_5 | 1.2.5 | |
| mit | kerberos_5 | 1.2.6 | |
| mit | kerberos_5 | 1.2.7 | |
| openafs | openafs | 1.0 | |
| openafs | openafs | 1.0.1 | |
| openafs | openafs | 1.0.2 | |
| openafs | openafs | 1.0.3 | |
| openafs | openafs | 1.0.4 | |
| openafs | openafs | 1.0.4a | |
| openafs | openafs | 1.1 | |
| openafs | openafs | 1.1.1 | |
| openafs | openafs | 1.1.1a | |
| openafs | openafs | 1.2 | |
| openafs | openafs | 1.2.1 | |
| openafs | openafs | 1.2.2 | |
| openafs | openafs | 1.2.2a | |
| openafs | openafs | 1.2.2b | |
| openafs | openafs | 1.2.3 | |
| openafs | openafs | 1.2.4 | |
| openafs | openafs | 1.2.5 | |
| openafs | openafs | 1.2.6 | |
| openafs | openafs | 1.3 | |
| openafs | openafs | 1.3.1 | |
| openafs | openafs | 1.3.2 | |
| sgi | irix | 6.5 | |
| sgi | irix | 6.5.1 | |
| sgi | irix | 6.5.2 | |
| sgi | irix | 6.5.2f | |
| sgi | irix | 6.5.2m | |
| sgi | irix | 6.5.3 | |
| sgi | irix | 6.5.3f | |
| sgi | irix | 6.5.3m | |
| sgi | irix | 6.5.4 | |
| sgi | irix | 6.5.4f | |
| sgi | irix | 6.5.4m | |
| sgi | irix | 6.5.5 | |
| sgi | irix | 6.5.5f | |
| sgi | irix | 6.5.5m | |
| sgi | irix | 6.5.6 | |
| sgi | irix | 6.5.6f | |
| sgi | irix | 6.5.6m | |
| sgi | irix | 6.5.7 | |
| sgi | irix | 6.5.7f | |
| sgi | irix | 6.5.7m | |
| sgi | irix | 6.5.8 | |
| sgi | irix | 6.5.8f | |
| sgi | irix | 6.5.8m | |
| sgi | irix | 6.5.9 | |
| sgi | irix | 6.5.9f | |
| sgi | irix | 6.5.9m | |
| sgi | irix | 6.5.10 | |
| sgi | irix | 6.5.10f | |
| sgi | irix | 6.5.10m | |
| sgi | irix | 6.5.11 | |
| sgi | irix | 6.5.11f | |
| sgi | irix | 6.5.11m | |
| sgi | irix | 6.5.12 | |
| sgi | irix | 6.5.12f | |
| sgi | irix | 6.5.12m | |
| sgi | irix | 6.5.13 | |
| sgi | irix | 6.5.13f | |
| sgi | irix | 6.5.13m | |
| sgi | irix | 6.5.14 | |
| sgi | irix | 6.5.14f | |
| sgi | irix | 6.5.14m | |
| sgi | irix | 6.5.15 | |
| sgi | irix | 6.5.15f | |
| sgi | irix | 6.5.15m | |
| sgi | irix | 6.5.16 | |
| sgi | irix | 6.5.16f | |
| sgi | irix | 6.5.16m | |
| sgi | irix | 6.5.17 | |
| sgi | irix | 6.5.17f | |
| sgi | irix | 6.5.17m | |
| sgi | irix | 6.5.18 | |
| sgi | irix | 6.5.18f | |
| sgi | irix | 6.5.18m | |
| sgi | irix | 6.5.19 | |
| sgi | irix | 6.5.20 | |
| cray | unicos | 6.0 | |
| cray | unicos | 6.0e | |
| cray | unicos | 6.1 | |
| cray | unicos | 7.0 | |
| cray | unicos | 8.0 | |
| cray | unicos | 8.3 | |
| cray | unicos | 9.0 | |
| cray | unicos | 9.0.2.5 | |
| cray | unicos | 9.2 | |
| cray | unicos | 9.2.4 | |
| freebsd | freebsd | 4.0 | |
| freebsd | freebsd | 4.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.1.1 | |
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.2 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.3 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.4 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.5 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6.2 | |
| freebsd | freebsd | 4.7 | |
| freebsd | freebsd | 4.7 | |
| freebsd | freebsd | 4.7 | |
| freebsd | freebsd | 5.0 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 10.24 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.04 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.20 | |
| hp | hp-ux | 11.22 | |
| hp | hp-ux_series_700 | 10.20 | |
| hp | hp-ux_series_800 | 10.20 | |
| ibm | aix | 4.3.3 | |
| ibm | aix | 5.1 | |
| ibm | aix | 5.2 | |
| openbsd | openbsd | 2.0 | |
| openbsd | openbsd | 2.1 | |
| openbsd | openbsd | 2.2 | |
| openbsd | openbsd | 2.3 | |
| openbsd | openbsd | 2.4 | |
| openbsd | openbsd | 2.5 | |
| openbsd | openbsd | 2.6 | |
| openbsd | openbsd | 2.7 | |
| openbsd | openbsd | 2.8 | |
| openbsd | openbsd | 2.9 | |
| openbsd | openbsd | 3.0 | |
| openbsd | openbsd | 3.1 | |
| openbsd | openbsd | 3.2 | |
| sun | solaris | 2.5.1 | |
| sun | solaris | 2.6 | |
| sun | solaris | 7.0 | |
| sun | solaris | 8.0 | |
| sun | solaris | 9.0 | |
| sun | solaris | 9.0 | |
| sun | sunos | - | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.7 | |
| sun | sunos | 5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D133CB0D-8A54-4DAA-9FE8-0B367544DE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2C23BD-1995-4F09-B444-87DDDE21817E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF118BE-6351-4768-A3F0-DFE0065273D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC8B64A-B5A9-4F66-86AD-0288F8E3D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE08E0AC-71F8-456B-9E88-43E94A6A2F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10CFD4A8-71AE-4F85-B86D-001461ECC2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD3D4A8-934B-420A-AF4A-36DD16E2F851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7AD53C-917A-41CC-83CD-6DF825E2640E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F84C9B-8073-4EBE-AA75-A373772A42EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E921700-C76F-41EA-AA61-6F939ED329CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDBD251-3E96-4068-AD24-E5B1802769E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "23A07568-7B15-49F1-9163-40A0BFF38309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A18760-0921-475E-9104-4DF480697E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CD01B5F6-7E91-4FE8-B345-42D58C786FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34002792-689C-45B5-9B5A-94B5342AC20B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "3331166E-ABBA-4326-8EF4-88872B9824A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "302A9220-4C73-4D69-8B62-B64A7E280B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B8FC287-D6D8-44BA-9125-3E64624ECDFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "295C09E5-23C3-4F9E-80FC-B0C4EC34C846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0295B94D-BE71-4DA2-81C5-E5BBCF0E17AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBADEB7-0073-42EB-B53D-ADA227898493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "299D4344-A1DB-4EC3-B1A2-5E07FB2B585F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72BE26C0-4A71-43AE-B134-3CE6DE839349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE590EA3-85F6-462A-BCC1-0550192F8F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2f:*:*:*:*:*:*:*",
"matchCriteriaId": "BB113626-38E2-4C42-A6A9-4BBDA0AC4A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
"matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4f:*:*:*:*:*:*:*",
"matchCriteriaId": "3CEC8518-4DBA-43AA-90B8-279F2DD4A2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4m:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8286F3-DF0E-4D8E-A27D-0C5182D5870C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "B306EE13-57CF-43A6-AA72-C641C53A2A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.5m:*:*:*:*:*:*:*",
"matchCriteriaId": "6291BEE1-73D2-4976-B065-E135880F73B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6f:*:*:*:*:*:*:*",
"matchCriteriaId": "621C31D9-8102-4F2D-8008-B32020F0B831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6m:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF5E9B8-62F9-4A6F-9C0C-551980981366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7f:*:*:*:*:*:*:*",
"matchCriteriaId": "F883CF73-CDA0-4B50-98E6-1B5DE0A4A816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7m:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C9F200-68AC-4B45-8AFC-F604429FDF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8f:*:*:*:*:*:*:*",
"matchCriteriaId": "1742BF2B-63C7-441D-9A01-DE65C95911D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8m:*:*:*:*:*:*:*",
"matchCriteriaId": "D30B7C42-CEE8-4377-957C-BCCE35C071A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.9f:*:*:*:*:*:*:*",
"matchCriteriaId": "B859D7F7-B0A6-4148-8146-F651ED3F99AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.9m:*:*:*:*:*:*:*",
"matchCriteriaId": "59EC5B1A-309A-4DE2-A197-F4DC07A8DC3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10f:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7D3C74-CDD2-4DFF-A331-007E1669752A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.10m:*:*:*:*:*:*:*",
"matchCriteriaId": "03FA10EA-F6E5-4A89-AC37-40FF6A147528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11f:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8E0DF6-D9C2-4DBC-9997-B5BFC6DEC9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.11m:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E1480B-2183-45AD-B63F-16DEC9BF0398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.12f:*:*:*:*:*:*:*",
"matchCriteriaId": "2D08345C-F945-410C-9DCB-8C358178F975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.12m:*:*:*:*:*:*:*",
"matchCriteriaId": "8764BE36-9377-486C-9198-DF79A5A60679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.13f:*:*:*:*:*:*:*",
"matchCriteriaId": "25243FA1-7AF7-41D4-8FAD-A5AB289E120D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.13m:*:*:*:*:*:*:*",
"matchCriteriaId": "94D89730-AA61-4FC9-A6AB-0574CA51EE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5B24D34C-1F95-45C8-9A57-2D2622ED9019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD69805-D021-4DCC-9FB6-A0BEA721408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*",
"matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*",
"matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "B13C07CC-F615-4F30-B532-4BF6F02F84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*",
"matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*",
"matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE3F77A-909E-4947-A808-BCAB7F96A108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F1E3C7-0FDD-46E1-8748-6A5FF669C95C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "2334FD6C-444F-4042-AF6D-D654C18C9950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFCB9A7-9121-4FAE-B6FA-96C3A023ACEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cray:unicos:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7725DD-085A-4D3A-8F9E-55C3D4BBDD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:6.0e:*:*:*:*:*:*:*",
"matchCriteriaId": "544736F7-0E4F-45C1-811B-114CFCBBC895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD6F58-9E37-40F0-AFD5-49523BEA301E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA7CE84-9266-4699-8687-50D09FFF6CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E9226A7-8253-4AA4-8BD1-31219080261B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E7D776A-9DC2-4479-8064-BB86E005B2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB0C892-B2B2-4810-A009-AE1809730FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "07FF0A62-A4D2-495D-B45B-7439C24F6046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4029356-417F-4738-ACE0-B88351EA9010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A71A88A2-4816-49E6-B549-DA28AB80DBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7A7B90-9086-4A10-8FB4-1C1D909BC173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB76FE0-BEF3-40D4-B362-0C95CA625A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representaci\u00f3n de datos externos) derivadas de SunRPC, incluyendo libnsl, libc y glibc permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos valores enteros en campos de longitud."
}
],
"id": "CVE-2003-0028",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-10.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-266"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-272"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-282"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/516825"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104810574423662\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104811415301340\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104860855114117\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104878237121402\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105362148313082\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD20030318.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/516825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2003_027_glibc.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/315638/30/25430/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/316931/30/25250/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/316960/30/25250/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20150122-0002/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-01-14 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=126320356003425&w=2 | ||
| secalert@redhat.com | http://marc.info/?l=oss-security&m=126320570505651&w=2 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=11134 | ||
| secalert@redhat.com | http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062&view=markup | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/01/07/3 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/01/08/1 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/01/08/2 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/01/11/6 | ||
| secalert@redhat.com | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=126320356003425&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=126320570505651&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=11134 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062&view=markup | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/01/07/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/01/08/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/01/08/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/01/11/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function."
},
{
"lang": "es",
"value": "nis/nss_nis/nis-pwd.c en GNU C Library (tambi\u00e9n conocido como glibc o libc6) v2.7 y Embedded GLIBC (EGLIBC) v2.10.2, a\u00f1ade informaci\u00f3n desde el mapa passwd.adjunct.byname a las entradas en el mapa \"passwd\", lo que permite a atacantes remotos obtener las contrase\u00f1as encriptadas de las cuentas NIS llamando a la funci\u00f3n getpwam."
}
],
"id": "CVE-2010-0015",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-14T18:30:00.577",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=126320356003425\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=126320570505651\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11134"
},
{
"source": "secalert@redhat.com",
"url": "http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062\u0026view=markup"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/01/07/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/01/11/6"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=126320356003425\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=126320570505651\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.debian.org/viewsvn/pkg-glibc/glibc-package/trunk/debian/patches/any/submitted-nis-shadow.diff?revision=4062\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/01/07/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/01/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/01/11/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-06 23:55
Modified
2025-04-12 10:46
Severity ?
Summary
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/68006 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1109263 | Exploit | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/93784 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Jun/14 | ||
| cve@mitre.org | https://seclists.org/bugtraq/2019/Sep/7 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201503-04 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=17048 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845 | ||
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68006 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1109263 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/93784 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Sep/7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17048 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8",
"versionEndIncluding": "2.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities."
},
{
"lang": "es",
"value": "La funci\u00f3n posix_spawn_file_actions_addopen en glibc anterior a 2.20 no copia su argumento de ruta de acuerdo con la especificaci\u00f3n POSIX, lo que permite a atacantes dependientes de contexto provocar vulnerabilidades de uso despu\u00e9s de liberaci\u00f3n."
}
],
"id": "CVE-2014-4043",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-06T23:55:08.530",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68006"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93784"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1109263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Sep/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=ChangeLog%3Bh=3020b9ac232315df362521aeaf85f21cb9926db8%3Bhp=d86e73963dd9fb5e21b1a28326630337226812aa%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=blobdiff%3Bf=posix/spawn_faction_addopen.c%3Bh=40800b8e6e81341501c0fb8a91009529e2048dec%3Bhp=47f62425b696a4fdd511b2a057746322eb6518db%3Bhb=89e435f3559c53084498e9baad22172b64429362%3Bhpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=89e435f3559c53084498e9baad22172b64429362"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=102581482511612&w=2 | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2002-139.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/542971 | US Government Resource | |
| cve@mitre.org | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000507 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=102581482511612&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2002-139.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/542971 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5272D01-D7FC-41DA-B565-9054AA55FABD",
"versionEndIncluding": "2.2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:4.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0064E411-C26F-4831-B7C4-63E2E1EF98DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en las funciones de resoluci\u00f3n de DNS que buscan nombres de red y direcciones, como en BIND 4.9.8 y glibc 2.2.5 y anteriores, permiten que servidores DNS remotos ejecuten c\u00f3digo arbitrario por medio de una subrutina usada por funciones tales como getnetbyname y getnetbyaddr."
}
],
"id": "CVE-2002-0684",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000507"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102581482511612\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-139.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/542971"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com/atualizacoes/?id=a\u0026anuncio=000507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102581482511612\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2002-139.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/542971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-050.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-325.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-334.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-325.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-334.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.3.2 | |
| gnu | zebra | 0.91a | |
| gnu | zebra | 0.92a | |
| gnu | zebra | 0.93a | |
| gnu | zebra | 0.93b | |
| quagga | quagga_routing_software_suite | 0.96.2 | |
| sgi | propack | 2.2.1 | |
| sgi | propack | 2.3 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| intel | ia64 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:zebra:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "B4422632-71AE-4E7F-8684-EC63F9B05F50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:zebra:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "06039EBD-0C90-42C9-B182-9A59A7A3075A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:zebra:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "01D1D224-8BD6-46AD-AA75-5457A2E007A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:zebra:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEEAC68-6442-4E82-B072-491ED94EE6D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.2:*:*:*:*:*:*:*",
"matchCriteriaId": "435E018F-DDB1-4909-B808-A45315AFECE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB7B969-1093-46A9-AA8D-0C28F138C4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:ia64:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A94B8E3-D6A5-4061-885C-DDA14E00E63A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface."
},
{
"lang": "es",
"value": "La funci\u00f3n getifaddres en GNU libc (glibc) 2.2.4 y anteriores permite a usuarios locales causar una denegaci\u00f3n de servicio enviando mensajes suplantando a otros usuarios al interfaz del kernel netlink."
}
],
"id": "CVE-2003-0859",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-334.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-334.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-28 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.debian.org/security/2016/dsa-3480 | Third Party Advisory | |
| secalert@redhat.com | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/74255 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securitytracker.com/id/1032178 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2015-0863.html | Third Party Advisory | |
| secalert@redhat.com | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=18287 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386 | ||
| secalert@redhat.com | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3480 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/74255 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032178 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2015-0863.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201602-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18287 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| gnu | glibc | * | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "58D3B6FD-B474-4B09-B644-A8634A629280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CAD5CA-C7C1-4567-8E5B-FCA4DA4D516D",
"versionEndIncluding": "2.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en gethostbyname_r y otras funciones NSS no especificadas en la librer\u00eda C de GNU (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.22, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de una respuesta DNS manipulada, lo que desencadena una llamada con un buffer incorrectamente alineado."
}
],
"id": "CVE-2015-1781",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-28T20:59:00.093",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032178"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-31 14:15
Modified
2024-11-21 08:44
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-6779 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2254395 | Issue Tracking | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20240223-0006/ | Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List | |
| secalert@redhat.com | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-6779 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2254395 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240223-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5153FA-49E9-457F-94BB-202CACA41C76",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria de off-by-one en la funci\u00f3n __vsyslog_internal de la librer\u00eda glibc. Esta funci\u00f3n es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando estas funciones se llaman con un mensaje mayor que INT_MAX bytes, lo que genera un c\u00e1lculo incorrecto del tama\u00f1o del b\u00fafer para almacenar el mensaje, lo que provoca un bloqueo de la aplicaci\u00f3n. Este problema afecta a glibc 2.37 y posteriores."
}
],
"id": "CVE-2023-6779",
"lastModified": "2024-11-21T08:44:32.693",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-31T14:15:48.700",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6779"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254395"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240223-0006/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240223-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-06 20:15
Modified
2025-06-18 14:40
Severity ?
Summary
nscd: netgroup cache assumes NSS callback uses in-buffer strings
The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory
when the NSS callback does not store all strings in the provided buffer.
The flaw was introduced in glibc 2.15 when the cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://security.netapp.com/advisory/ntap-20240524-0012/ | Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240524-0012/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 10.0 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | element_software | - | |
| netapp | solidfire_\&_hci_management_node | - | |
| netapp | solidfire_\&_hci_storage_node | - | |
| netapp | hci_bootstrap_os | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D95E16DA-1F17-4B1B-B231-7A4DEDA8C7BA",
"versionEndExcluding": "2.40",
"versionStartIncluding": "2.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
},
{
"lang": "es",
"value": "nscd: la cach\u00e9 de netgroup supone que la devoluci\u00f3n de llamada de NSS utiliza cadenas en el b\u00fafer La cach\u00e9 de netgroup del daemon de cach\u00e9 del servicio de nombres (nscd) puede da\u00f1ar la memoria cuando la devoluci\u00f3n de llamada de NSS no almacena todas las cadenas en el b\u00fafer proporcionado. La falla se introdujo en glibc 2.15 cuando se agreg\u00f3 el cach\u00e9 a nscd. Esta vulnerabilidad s\u00f3lo est\u00e1 presente en el binario nscd."
}
],
"id": "CVE-2024-33602",
"lastModified": "2025-06-18T14:40:48.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-05-06T20:15:11.680",
"references": [
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0012/"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008"
}
],
"sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-466"
}
],
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-29 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-0769.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| secalert@redhat.com | http://secunia.com/advisories/52817 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=15330 | ||
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:163 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/04/03/2 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/04/03/8 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/04/05/1 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/58839 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2014-0008.html | ||
| secalert@redhat.com | https://bugzilla.novell.com/show_bug.cgi?id=813121 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=947882 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0769.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/52817 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=15330 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:163 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/04/03/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/04/03/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/04/05/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/58839 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2014-0008.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.novell.com/show_bug.cgi?id=813121 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=947882 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EA2A91-4CBF-4AF4-9776-BF9EFDA67CDF",
"versionEndIncluding": "2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n getaddrinfo en sysdeps/posix/getaddrinfo.c en GNU C Library (tambien conocido como glibc o libc6) v2.17 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un (1) nombre de host o (2) una direcci\u00f3n IP que desencadenan un gran n\u00famero de resultados en la conversi\u00f3n de dominio."
}
],
"id": "CVE-2013-1914",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-29T22:55:01.057",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52817"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/58839"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/58839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-24 16:15
Modified
2025-06-09 15:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2021-3998 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2024633 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2021-3998 | Third Party Advisory | |
| secalert@redhat.com | https://security.netapp.com/advisory/ntap-20221020-0003/ | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=28770 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03 | ||
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb | ||
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2022/01/24/4 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2021-3998 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2024633 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2021-3998 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221020-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=28770 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2022/01/24/4 | Mailing List, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB4897C-6A36-43DF-B34B-183ED9B2F7DF",
"versionEndExcluding": "2.35",
"versionStartIncluding": "2.33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data."
},
{
"lang": "es",
"value": "Se ha encontrado un fallo en glibc. La funci\u00f3n realpath() puede devolver por error un valor no esperado, conllevando potencialmente a un filtrado de informaci\u00f3n y una divulgaci\u00f3n de datos confidenciales."
}
],
"id": "CVE-2021-3998",
"lastModified": "2025-06-09T15:15:26.377",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-08-24T16:15:09.010",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3998"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024633"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3998"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221020-0003/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28770"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2021-3998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2021-3998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221020-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/4"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-09 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| secalert@redhat.com | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=14547 | Exploit, Patch | |
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/09/07/9 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=855385 | ||
| secalert@redhat.com | https://seclists.org/bugtraq/2019/Jun/14 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=14547 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/09/07/9 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=855385 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://seclists.org/bugtraq/2019/Jun/14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.1 | |
| gnu | glibc | 2.12.2 | |
| gnu | glibc | 2.13 | |
| gnu | glibc | 2.14 | |
| gnu | glibc | 2.14.1 | |
| gnu | glibc | 2.15 | |
| gnu | glibc | 2.16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "80EA2A91-4CBF-4AF4-9776-BF9EFDA67CDF",
"versionEndIncluding": "2.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C543B0E8-8B48-44A4-B63F-B2D9EA23E8EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37880948-2AB5-491A-85E2-B7E271E03B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8E0DCD-8D39-4C89-9B4C-37025D9BE3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD5D113-EF53-4690-92AC-B6E54D70AA9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92B1C39D-1183-4FAE-85C2-D1DC7AA6F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "733A1711-D2FC-45C6-9542-893860851F6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en string/strcoll_l.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6) 2.17 y anteriores versiones permite a atacantes dependientes del contexto provocar una denegaci\u00f3n del servicio (cuelgue) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga, lo que provoca un desbordamiento de buffer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2012-4412",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-09T22:55:02.477",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "secalert@redhat.com",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"source": "secalert@redhat.com",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=855385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/Jun/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-06 20:15
Modified
2025-06-18 14:50
Severity ?
Summary
nscd: Null pointer crashes after notfound response
If the Name Service Cache Daemon's (nscd) cache fails to add a not-found
netgroup response to the cache, the client request can result in a null
pointer dereference. This flaw was introduced in glibc 2.15 when the
cache was added to nscd.
This vulnerability is only present in the nscd binary.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://security.netapp.com/advisory/ntap-20240524-0013/ | Third Party Advisory | |
| 3ff69d7a-14f2-4f67-a097-88dee7810d18 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/07/22/5 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240524-0013/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| debian | debian_linux | 10.0 | |
| netapp | active_iq_unified_manager | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | h610c_firmware | - | |
| netapp | h610c | - | |
| netapp | h610s_firmware | - | |
| netapp | h610s | - | |
| netapp | h615c_firmware | - | |
| netapp | h615c | - | |
| netapp | hci_bootstrap_os | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D95E16DA-1F17-4B1B-B231-7A4DEDA8C7BA",
"versionEndExcluding": "2.40",
"versionStartIncluding": "2.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89612649-BACF-4FAC-9BA4-324724FD93A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9B255-C1AF-42D1-BF9B-13642FBDC080",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5921A877-18BF-43FE-915C-D226E140ACFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7296A1F2-D315-4FD5-8A73-65C480C855BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C767AA1-88B7-48F0-9F31-A89D16DCD52C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary."
},
{
"lang": "es",
"value": "nscd: el puntero nulo falla despu\u00e9s de una respuesta no encontrada Si el cach\u00e9 del daemon de cach\u00e9 del servicio de nombres (nscd) no logra agregar una respuesta de grupo de red no encontrado al cach\u00e9, la solicitud del cliente puede resultar en una desreferencia del puntero nulo. Esta falla se introdujo en glibc 2.15 cuando se agreg\u00f3 el cach\u00e9 a nscd. Esta vulnerabilidad s\u00f3lo est\u00e1 presente en el binario nscd."
}
],
"id": "CVE-2024-33600",
"lastModified": "2025-06-18T14:50:25.440",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-05-06T20:15:11.523",
"references": [
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0013/"
},
{
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/07/22/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0013/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006"
}
],
"sourceIdentifier": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "3ff69d7a-14f2-4f67-a097-88dee7810d18",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-26 23:15
Modified
2025-06-09 16:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20210401-0006/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=26224 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable, Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-07 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210401-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=26224 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | a250_firmware | - | |
| netapp | a250 | - | |
| netapp | 500f_firmware | - | |
| netapp | 500f | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h300e_firmware | - | |
| netapp | h300e | - | |
| netapp | h500e_firmware | - | |
| netapp | h500e | - | |
| netapp | h700e_firmware | - | |
| netapp | h700e | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| oracle | communications_cloud_native_core_service_communication_proxy | 1.14.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D747200-4C8A-4BAE-9818-BD1458253D8F",
"versionEndIncluding": "2.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1236B66D-EB11-4324-929F-E2B86683C3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "281DFC67-46BB-4FC2-BE03-3C65C9311F65",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF32BB1-9A58-4821-AE49-5D5C8200631F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21DE67F-CDFD-4D36-9967-633CD0240C6F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228."
},
{
"lang": "es",
"value": "La funci\u00f3n iconv en la biblioteca GNU C (tambi\u00e9n se conoce como glibc o libc6) versiones 2.32 y anteriores, cuando se procesa secuencias de entrada de m\u00faltiples bytes no validas en codificaciones IBM1364, IBM1371, IBM1388, IBM1390 e IBM1399, presenta un fallo al avanzar el estado de la entrada, lo que podr\u00eda conllevar a un bucle infinito en las aplicaciones, resultando en una denegaci\u00f3n de servicio, una vulnerabilidad diferente de CVE-2016-10228"
}
],
"id": "CVE-2020-27618",
"lastModified": "2025-06-09T16:15:31.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-02-26T23:15:11.123",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0006/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-19 22:15
Modified
2024-11-21 04:34
Severity ?
Summary
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/ | ||
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=25204 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/4416-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=25204 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4416-1/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "1740D5DF-644C-4C9F-BB69-B094F5BC0724",
"versionEndExcluding": "2.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program."
},
{
"lang": "es",
"value": "En la arquitectura de x86-64, la Biblioteca GNU C (tambi\u00e9n se conoce como glibc) versiones anteriores a 2.31 no omite la variable de entorno de LD_PREFER_MAP_32BIT_EXEC durante la ejecuci\u00f3n del programa despu\u00e9s de una transici\u00f3n de seguridad, permitiendo a atacantes locales restringir las posibles direcciones de mapeo para las bibliotecas cargadas y as\u00ed omitir ASLR para un programa setuid"
}
],
"id": "CVE-2019-19126",
"lastModified": "2024-11-21T04:34:14.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-19T22:15:11.427",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4416-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-665"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-01 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@ubuntu.com | http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html | ||
| security@ubuntu.com | http://frugalware.org/security/662 | ||
| security@ubuntu.com | http://secunia.com/advisories/39900 | Vendor Advisory | |
| security@ubuntu.com | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| security@ubuntu.com | http://securitytracker.com/id?1024044 | ||
| security@ubuntu.com | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5 | ||
| security@ubuntu.com | http://www.debian.org/security/2010/dsa-2058 | ||
| security@ubuntu.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| security@ubuntu.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| security@ubuntu.com | http://www.securityfocus.com/bid/40063 | Patch | |
| security@ubuntu.com | http://www.ubuntu.com/usn/USN-944-1 | ||
| security@ubuntu.com | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| security@ubuntu.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/58915 | ||
| security@ubuntu.com | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://frugalware.org/security/662 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39900 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024044 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/40063 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-944-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/58915 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header."
},
{
"lang": "es",
"value": "Error de persistencia de signo en entero en la funci\u00f3n \"elf_get_dynamic_info\" en \"elf/dynamic-link.h\" de la librer\u00eda C GNU (tambi\u00e9n conocida como glibc or libc6) v2.0.1 hasta v2.11.1, cuando se usa la opci\u00f3n --verify, permite a atacantes remotos asistidos por usuarios ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un programa ELF manipulado con un valor negativo para cierto miembro de esctructura \"d_tag\" en la cabecera ELF"
}
],
"id": "CVE-2010-0830",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-06-01T20:30:02.820",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
},
{
"source": "security@ubuntu.com",
"url": "http://frugalware.org/security/662"
},
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "security@ubuntu.com",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "security@ubuntu.com",
"url": "http://securitytracker.com/id?1024044"
},
{
"source": "security@ubuntu.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
},
{
"source": "security@ubuntu.com",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "security@ubuntu.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/40063"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "security@ubuntu.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
},
{
"source": "security@ubuntu.com",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frugalware.org/security/662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=db07e962b6ea963dbb345439f6ab9b0cf74d87c5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/40063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-08 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://osvdb.org/89747 | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-0769.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| secalert@redhat.com | http://secunia.com/advisories/51951 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/55113 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=15078 | Patch | |
| secalert@redhat.com | http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2013:163 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2013/01/30/5 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/57638 | ||
| secalert@redhat.com | http://www.securitytracker.com/id/1028063 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1991-1 | ||
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2014-0008.html | ||
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/81707 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/89747 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0769.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-1605.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51951 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/55113 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=15078 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2013:163 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/01/30/5 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/57638 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1028063 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1991-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2014-0008.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/81707 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C1E91F85-7872-4290-BE7F-C966AC2773CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el metodo extend_buffers del comparador expresi\u00f3nes regulares (posix / regexec.c) en glibc, posiblemente, v2.17 y anteriores, permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda) mediante caracteres multibyte artesanales.\r\n"
}
],
"id": "CVE-2013-0242",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-08T20:55:01.483",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/89747"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15078"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/01/30/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/57638"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1028063"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81707"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/89747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/01/30/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-20 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/101517 | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=22325 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101517 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22325 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "495E9424-0BBA-4820-B793-031DDAC80417",
"versionEndIncluding": "2.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak)."
},
{
"lang": "es",
"value": "La funci\u00f3n glob en glob.c en la biblioteca GNU C (tambi\u00e9n llamada glibc o libc6) en versiones anteriores a la 2.27, cuando se invoca con GLOB_TILDE, podr\u00eda omitir la liberaci\u00f3n de memoria asignada cuando procesa el operador ~ con un nombre de usuario largo, conduciendo potencialmente a una denegaci\u00f3n de servicio (fuga de memoria)."
}
],
"id": "CVE-2017-15671",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-20T17:29:00.287",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/101517"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22325"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-04-08 15:17
Modified
2025-04-11 00:51
Severity ?
Summary
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://bugs.debian.org/615120 | Exploit | |
| secalert@redhat.com | http://code.google.com/p/chromium/issues/detail?id=48733 | Exploit | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/02/26/3 | ||
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/02/28/11 | Exploit | |
| secalert@redhat.com | http://openwall.com/lists/oss-security/2011/02/28/15 | ||
| secalert@redhat.com | http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html | Exploit | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2011/Feb/635 | Exploit | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2011/Feb/644 | Patch | |
| secalert@redhat.com | http://secunia.com/advisories/43492 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43830 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/43989 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/46397 | Vendor Advisory | |
| secalert@redhat.com | http://securityreason.com/securityalert/8175 | ||
| secalert@redhat.com | http://securitytracker.com/id?1025290 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=11883 | Exploit | |
| secalert@redhat.com | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0412.html | Vendor Advisory | |
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-0413.html | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/46563 | Exploit | |
| secalert@redhat.com | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=681054 | Exploit, Patch | |
| secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/615120 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/chromium/issues/detail?id=48733 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/02/26/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/02/28/11 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2011/02/28/15 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2011/Feb/635 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2011/Feb/644 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43492 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43830 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43989 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46397 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8175 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025290 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=11883 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0412.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0413.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520102/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/46563 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2011-0012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0863 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=681054 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | eglibc | * | |
| gnu | glibc | * | |
| gnu | glibc | 1.00 | |
| gnu | glibc | 1.01 | |
| gnu | glibc | 1.02 | |
| gnu | glibc | 1.03 | |
| gnu | glibc | 1.04 | |
| gnu | glibc | 1.05 | |
| gnu | glibc | 1.06 | |
| gnu | glibc | 1.07 | |
| gnu | glibc | 1.08 | |
| gnu | glibc | 1.09 | |
| gnu | glibc | 1.09.1 | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.3.10 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 | |
| gnu | glibc | 2.10.1 | |
| gnu | glibc | 2.10.2 | |
| gnu | glibc | 2.11 | |
| gnu | glibc | 2.11.1 | |
| gnu | glibc | 2.11.2 | |
| gnu | glibc | 2.11.3 | |
| gnu | glibc | 2.12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB89B5AD-38B6-4BB2-A150-90A7807BE024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA47E340-2191-4471-9415-F325A72C9B65",
"versionEndIncluding": "2.12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA23C241-132B-423E-A22A-7206A8074D10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F79978B1-8831-4169-B815-80138C85832C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "991EB676-F043-418D-BD81-0BB937236D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "AA0C5DB0-602E-4296-884C-60E24FC80458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "3211F47C-DF6D-4355-95F8-DED317700621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "229BFD88-A90F-4D2B-97B9-822A7D87EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE253B0-D8E0-4099-8CA7-8925B4809F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "D640F556-8181-4F15-B2F7-7EC7E8869FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "061383CD-B9AD-41C6-8C46-F79870B9CD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "9897B03F-A457-4B29-9C5E-FEA084D3BF0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C3684B-CE01-46B5-9E41-BF58E6A5AA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD93D5-70BB-475C-BDD3-DEDE9965C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A30D0EE-1AED-4C99-8A22-24E47212F3FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A93600D-7271-4AF5-8133-C6AA5BC8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "4169CA4B-C4F5-499A-A35A-49DD43AC0A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC9749-52C5-4E17-8A77-5F4ED91FA8E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E32EC-33A6-4145-9B76-C7E3DBACD1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6423F0B5-E483-4DE9-B13F-3A7322F055DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B4AFFF-A537-44BD-B97A-EFA9409DB8BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a \"stack extension attack,\" a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome."
},
{
"lang": "es",
"value": "La Biblioteca C (tambi\u00e9n se conoce como glibc o libc6) anterior a versi\u00f3n 2.12.2 y Embedded GLIBC (EGLIBC), de GNU, permiten a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (consumo de memoria) por medio de una cadena UTF8 larga que es usada en una funci\u00f3n llamada fnmatch, tambi\u00e9n se conoce como \"stack extension attack,\" un problema relacionado con CVE-2010-2898, CVE-2010-1917 y CVE-2007-4782, como se inform\u00f3 originalmente para el uso de esta biblioteca por Google Chrome."
}
],
"id": "CVE-2011-1071",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-04-08T15:17:27.650",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/615120"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/02/26/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/11"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/02/28/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/635"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43492"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46397"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/8175"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1025290"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11883"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/46563"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.debian.org/615120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=48733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/02/26/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/02/28/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/02/28/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://seclists.org/fulldisclosure/2011/Feb/644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0413.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/46563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-01 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@debian.org | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Mailing List, Third Party Advisory | |
| security@debian.org | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Issue Tracking, Patch, Third Party Advisory | |
| security@debian.org | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Issue Tracking, Patch, Third Party Advisory | |
| security@debian.org | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| security@debian.org | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| security@debian.org | http://www.openwall.com/lists/oss-security/2016/03/07/16 | Mailing List, Third Party Advisory | |
| security@debian.org | http://www.securityfocus.com/bid/84204 | Third Party Advisory, VDB Entry | |
| security@debian.org | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| security@debian.org | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| security@debian.org | https://security.gentoo.org/glsa/201702-11 | Third Party Advisory | |
| security@debian.org | https://sourceware.org/bugzilla/show_bug.cgi?id=19779 | Exploit, Issue Tracking, Third Party Advisory | |
| security@debian.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Sep/0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/03/07/16 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/84204 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19779 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD43ADC-AA8F-4284-AD88-98A9A9CC8AAC",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en la implementaci\u00f3n glob en GNU C Library (tambi\u00e9n conocido como glibc) en versiones anteriores a 2.24, cuando es usado GLOB_ALTDIRFUNC, permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un nombre largo."
}
],
"id": "CVE-2016-1234",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T20:59:00.123",
"references": [
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "security@debian.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "security@debian.org",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "security@debian.org",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "security@debian.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/16"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/84204"
},
{
"source": "security@debian.org",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "security@debian.org",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "security@debian.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "security@debian.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779"
},
{
"source": "security@debian.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/03/07/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/84204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-01 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2573.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/85732 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-2985-1 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201702-11 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=19879 | ||
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2573.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/85732 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2985-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201702-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=19879 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.2 | |
| gnu | glibc | * | |
| fedoraproject | fedora | 23 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE77B607-61C0-45A2-8591-14CF4C0AED39",
"versionEndIncluding": "2.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en la implementaci\u00f3n nss_dns de la funci\u00f3n getnetbyname en GNU C Library (tambi\u00e9n conocido como glibc) en versiones anteriores a 2.24 permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (consumo de pila y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un nombre largo."
}
],
"id": "CVE-2016-3075",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-01T20:59:03.043",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/85732"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2573.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/85732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-15 04:15
Modified
2024-11-21 04:17
Severity ?
Summary
GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| josh@bress.net | http://www.securityfocus.com/bid/109167 | Third Party Advisory, VDB Entry | |
| josh@bress.net | https://security-tracker.debian.org/tracker/CVE-2019-1010023 | ||
| josh@bress.net | https://sourceware.org/bugzilla/show_bug.cgi?id=22851 | Exploit, Issue Tracking, Third Party Advisory | |
| josh@bress.net | https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS | ||
| josh@bress.net | https://ubuntu.com/security/CVE-2019-1010023 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/109167 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2019-1010023 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22851 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K11932200?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ubuntu.com/security/CVE-2019-1010023 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "josh@bress.net",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
},
{
"lang": "es",
"value": "** EN DISPUTA ** La corriente de GNU Libc est\u00e1 afectada por: Re-asignaci\u00f3n de la biblioteca cargada actual con un archivo ELF malicioso. El impacto es: En el peor de los casos el atacante puede evaluar los privilegios. El componente es: libld. El vector de ataque es: El atacante env\u00eda 2 archivos ELF a la v\u00edctima y le pide que ejecute ldd en \u00e9l. ldd ejecuta el c\u00f3digo. NOTA: Los comentarios de arriba indican que \"esto est\u00e1 siendo tratado como un error de seguridad y no una amenaza real\"."
}
],
"id": "CVE-2019-1010023",
"lastModified": "2024-11-21T04:17:55.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2019-07-15T04:15:13.397",
"references": [
{
"source": "josh@bress.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109167"
},
{
"source": "josh@bress.net",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
},
{
"source": "josh@bress.net",
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "josh@bress.net",
"url": "https://ubuntu.com/security/CVE-2019-1010023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/CVE-2019-1010023"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-15 04:15
Modified
2024-11-21 04:17
Severity ?
Summary
GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| josh@bress.net | https://security-tracker.debian.org/tracker/CVE-2019-1010022 | ||
| josh@bress.net | https://sourceware.org/bugzilla/show_bug.cgi?id=22850 | Exploit, Issue Tracking, Third Party Advisory | |
| josh@bress.net | https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 | ||
| josh@bress.net | https://ubuntu.com/security/CVE-2019-1010022 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2019-1010022 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22850 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ubuntu.com/security/CVE-2019-1010022 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68D5A70D-5CEE-4E19-BF35-0245A0E0F6BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "josh@bress.net",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate \"this is being treated as a non-security bug and no real threat."
},
{
"lang": "es",
"value": "** EN DISPUTA ** La biblioteca Libc actual de GNU est\u00e1 afectada por: Omisi\u00f3n de Mitigaci\u00f3n. El impacto es: El atacante puede omitir la protecci\u00f3n stack guard. El componente es: nptl. El vector de ataque es: explotar la vulnerabilidad de desbordamiento del b\u00fafer de la pila y utilizar esta vulnerabilidad de omisi\u00f3n para eludir la protecci\u00f3n stack guard. NOTA: Los comentarios de los usuarios indican que \"esto est\u00e1 siendo tratado como un error de no seguridad y no una amenaza real\"."
}
],
"id": "CVE-2019-1010022",
"lastModified": "2024-11-21T04:17:55.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-15T04:15:13.317",
"references": [
{
"source": "josh@bress.net",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"source": "josh@bress.net",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"
},
{
"source": "josh@bress.net",
"url": "https://ubuntu.com/security/CVE-2019-1010022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2019-1010022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ubuntu.com/security/CVE-2019-1010022"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-08-31 06:15
Modified
2024-11-21 07:17
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | ||
| cve@mitre.org | http://seclists.org/fulldisclosure/2024/Feb/3 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2024/01/30/6 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2024/01/30/8 | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202310-03 | Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20221104-0002/ | Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=29536 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Feb/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/01/30/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2024/01/30/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202310-03 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221104-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=29536 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | 2.36 | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - | |
| netapp | ontap_select_deploy_administration_utility | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.36:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAB69CA-28ED-4C6F-A82D-C67EF2AEF5E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it to the target log file, potentially revealing a portion of the contents of the heap."
},
{
"lang": "es",
"value": "Se ha detectado un problema en la biblioteca GNU C (glibc) versi\u00f3n 2.36. Cuando a la funci\u00f3n syslog le es pasada una cadena de entrada dise\u00f1ada de m\u00e1s de 1024 bytes, lee memoria no inicializada de la pila y la imprime en el archivo de registro de destino, revelando potencialmente una parte del contenido de la pila"
}
],
"id": "CVE-2022-39046",
"lastModified": "2024-11-21T07:17:26.680",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-31T06:15:07.467",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202310-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29536"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-31 14:15
Modified
2025-02-07 17:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-6780 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2254396 | Issue Tracking | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| secalert@redhat.com | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List | |
| secalert@redhat.com | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Feb/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-6780 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2254396 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250207-0010/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2024/01/30/6 | Exploit, Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5153FA-49E9-457F-94BB-202CACA41C76",
"versionEndExcluding": "2.39",
"versionStartIncluding": "2.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un desbordamiento de enteros en la funci\u00f3n __vsyslog_internal de la liibrer\u00eda glibc. Esta funci\u00f3n es llamada por las funciones syslog y vsyslog. Este problema ocurre cuando estas funciones se llaman con un mensaje muy largo, lo que genera un c\u00e1lculo incorrecto del tama\u00f1o del b\u00fafer para almacenar el mensaje, lo que genera un comportamiento indefinido. Este problema afecta a glibc 2.37 y posteriores."
}
],
"id": "CVE-2023-6780",
"lastModified": "2025-02-07T17:15:29.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-31T14:15:48.917",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6780"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254396"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2024/Feb/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202402-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250207-0010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/01/30/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-131"
},
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-20 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/72740 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=17269 | Issue Tracking, Patch | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33 | ||
| cve@mitre.org | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/02/14/9 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72740 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=17269 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57CAD5CA-C7C1-4567-8E5B-FCA4DA4D516D",
"versionEndIncluding": "2.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n _IO_wstr_overflow en libio/wstrops.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6) en versiones anteriores a 2.22 permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con calcular un tama\u00f1o en, lo que desencadena un desbordamiento de b\u00fafer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2015-8983",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-20T16:59:01.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72740"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/14/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/72740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=17269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bdf1ff052a8e23d637f2c838fa5642d78fcedc33"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-01 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/39900 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| cve@mitre.org | http://securityreason.com/achievement_securityalert/67 | Exploit | |
| cve@mitre.org | http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600 | Exploit | |
| cve@mitre.org | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3 | ||
| cve@mitre.org | http://www.debian.org/security/2010/dsa-2058 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/36443 | Exploit, Patch | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-944-1 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=524671 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/59242 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39900 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201011-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/achievement_securityalert/67 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2058 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/36443 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-944-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1246 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=524671 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/59242 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| gnu | glibc | 2.0 | |
| gnu | glibc | 2.0.1 | |
| gnu | glibc | 2.0.2 | |
| gnu | glibc | 2.0.3 | |
| gnu | glibc | 2.0.4 | |
| gnu | glibc | 2.0.5 | |
| gnu | glibc | 2.0.6 | |
| gnu | glibc | 2.1 | |
| gnu | glibc | 2.1.1 | |
| gnu | glibc | 2.1.1.6 | |
| gnu | glibc | 2.1.2 | |
| gnu | glibc | 2.1.3 | |
| gnu | glibc | 2.1.9 | |
| gnu | glibc | 2.2 | |
| gnu | glibc | 2.2.1 | |
| gnu | glibc | 2.2.2 | |
| gnu | glibc | 2.2.3 | |
| gnu | glibc | 2.2.4 | |
| gnu | glibc | 2.2.5 | |
| gnu | glibc | 2.3 | |
| gnu | glibc | 2.3.1 | |
| gnu | glibc | 2.3.2 | |
| gnu | glibc | 2.3.3 | |
| gnu | glibc | 2.3.4 | |
| gnu | glibc | 2.3.5 | |
| gnu | glibc | 2.3.6 | |
| gnu | glibc | 2.3.10 | |
| gnu | glibc | 2.4 | |
| gnu | glibc | 2.5 | |
| gnu | glibc | 2.5.1 | |
| gnu | glibc | 2.6 | |
| gnu | glibc | 2.6.1 | |
| gnu | glibc | 2.7 | |
| gnu | glibc | 2.8 | |
| gnu | glibc | 2.9 | |
| gnu | glibc | 2.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C536A792-E705-4857-96CA-06B64BB569F3",
"versionEndIncluding": "2.10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C0577C-6BC7-418F-B2C5-B74800D43418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA795F7-8AAC-42BA-971B-601346704BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADA314-C0D0-40F8-9019-884F17D0B54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "255E0C0D-0B70-4C10-BF7C-34193AA24C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F424F2F5-D7E4-4A13-A8CF-32D466610BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC4E7AE-BDC4-48F1-9FDE-3F3FAA3F40F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1329215-C53A-40D5-8E9C-F457D092E483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E2A0F12-FD00-40B9-86AD-7D082385E5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED8F0E8-A969-4F7F-A100-662F4A5426FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9416576F-A605-45BE-AA01-FEF357A66979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE582B8F-4E31-4D0F-B2F9-AC83C855F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DB56D9C9-13B3-418C-B06C-0997E165F1C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5667D-5EA4-4B44-BF8A-9C10506BD4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "21F23D2F-A01F-4949-A917-D1164E14EAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64576C9A-FCD9-4410-B590-AB43F9F85D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "229AC4E3-AFBA-4EF4-8534-8FBE1E630253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B91503A-E8DC-4DFF-98D4-687B5AE41438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "241A4B59-7BBC-4656-93AC-7DD8BE29EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00D0DBDC-1559-406D-AADC-12B5ABDD2BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5294FCC-3933-4CD5-8DFE-BCDC00F4BD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CA3E33-7CC6-4AC5-999A-3C46D7FD14A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "261A4A17-3B9E-46E6-897B-DB0C8358A1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC8483-5060-428B-8D8E-C30E5823BB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44A511B6-72EC-4200-8C1C-BDE30BC2431A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B03C644D-0EF9-4586-96D5-5DEE78D9D5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47AD8A88-DAF0-4206-8661-70075BA2AE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42AD17CD-545F-425A-92CF-0EE5F5B5F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0660536D-7F82-4B91-8B84-704D26FE989F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E2037E8C-43E8-4121-B877-1834282ACD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCA5E85-9AFA-429A-AC51-8D8EC2841330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D41ABE25-DECD-4068-93DA-0B85281FD93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "84600406-0CE2-46EA-A5AD-4CC0D3494AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A96FA9ED-7529-440D-984D-6340B94D8243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E3D70AB0-2910-4191-9980-5BA78E8F2E11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en la implementaci\u00f3n \"strfmon\" en la Librer\u00eda C GNU (tambi\u00e9n conocida como glibc or libc6) v2.10.1 y anteriores, permiten a usuarios locales o remotos causar una denegaci\u00f3n de servicio (agotamiento de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una cadena con formato manipulado, como se demostr\u00f3 con la manipulaci\u00f3n del primer argumento en la funci\u00f3n \"money_format\" en PHP, relacionado con CVE-2008-1391."
}
],
"id": "CVE-2009-4880",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-01T20:30:02.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/67"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"source": "cve@mitre.org",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/36443"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=524671"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201011-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/67"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/36443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-944-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=524671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59242"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-10 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | Broken Link | |
| secalert@redhat.com | http://www.securityfocus.com/bid/102073 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html | ||
| secalert@redhat.com | https://source.android.com/security/bulletin/2017-12-01 | Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=20112 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c | ||
| secalert@redhat.com | https://usn.ubuntu.com/3759-1/ | Third Party Advisory | |
| secalert@redhat.com | https://usn.ubuntu.com/3759-2/ | Third Party Advisory | |
| secalert@redhat.com | https://www.oracle.com//security-alerts/cpujul2021.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102073 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2017-12-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=20112 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3759-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3759-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com//security-alerts/cpujul2021.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.2 | |
| gnu | glibc | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD43ADC-AA8F-4284-AD88-98A9A9CC8AAC",
"versionEndExcluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets."
},
{
"lang": "es",
"value": "Desbordamiento del buffer basado en pila en la funci\u00f3n clntudp_call en sunrpc/clnt_udp.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6) permite a atacantes remotos provocar una denegaci\u00f3n del servicio (ca\u00edda) o posiblemente tener otro impacto no especificado a trav\u00e9s de una inundaci\u00f3n de paquetes ICMP y UDP manipulados."
}
],
"id": "CVE-2016-4429",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T15:59:05.687",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3759-1/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3759-2/"
},
{
"source": "secalert@redhat.com",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2017-12-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=bc779a1a5b3035133024b21e2f339fe4219fb11c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3759-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3759-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-25 10:29
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html | ||
| secalert@redhat.com | http://osvdb.org/84710 | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1207.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1208.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1262.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1325.html | ||
| secalert@redhat.com | http://secunia.com/advisories/50201 | Vendor Advisory | |
| secalert@redhat.com | http://secunia.com/advisories/50422 | ||
| secalert@redhat.com | http://sourceware.org/bugzilla/show_bug.cgi?id=14459 | ||
| secalert@redhat.com | http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/08/13/4 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/08/13/6 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/54982 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1027374 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1589-1 | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201503-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/84710 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1207.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1208.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1262.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1325.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50201 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50422 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/bugzilla/show_bug.cgi?id=14459 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/08/13/4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/08/13/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/54982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027374 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1589-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4CFA8E-9892-4DDA-9DB2-581711E974A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified \"related functions\" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, y otras \"funciones relacionadas\" no especificadas en stdlib en GNU C Library (tambi\u00e9n conocido como glibc o libc6) v2.16 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga, lo que provoca un desbordamiento de b\u00fafer basado en pila."
}
],
"id": "CVE-2012-3480",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-25T10:29:51.770",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/84710"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1207.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1208.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1262.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1325.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50201"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/50422"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14459"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/4"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/54982"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027374"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/84710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1207.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1208.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1262.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1325.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/ml/libc-alpha/2012-08/msg00202.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1589-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-04"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-25 17:15
Modified
2024-11-21 02:26
Severity ?
Summary
end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20230731-0009/ | ||
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=18036 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230731-0009/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18036 | Exploit, Issue Tracking |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52FF54AF-2FAF-48C2-9C10-99313D8ADE22",
"versionEndExcluding": "2.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue."
}
],
"id": "CVE-2015-20109",
"lastModified": "2024-11-21T02:26:33.873",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-25T17:15:14.187",
"references": [
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20230731-0009/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20230731-0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18036"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-10 20:29
Modified
2024-11-21 00:24
Severity ?
Summary
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=2498 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=2498 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E9DCF-47C5-4D69-A2DE-6530BDC42CD2",
"versionEndExcluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon."
},
{
"lang": "es",
"value": "El demonio nscd en la librer\u00eda GNU C (glibc) anterior a la versi\u00f3n 2.5, no cierra los sockets de clientes entrantes si no pueden ser manejados por el demonio, lo que permite a los usuarios locales llevar a cabo un ataque de denegaci\u00f3n de servicio en el demonio."
}
],
"id": "CVE-2006-7254",
"lastModified": "2024-11-21T00:24:44.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-10T20:29:00.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=2498"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-26 02:29
Modified
2024-11-21 01:11
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272 | Mailing List, Patch, Vendor Advisory | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793 | Mailing List, Vendor Advisory | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806 | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238 | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=11053 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=18986 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672 | ||
| cve@mitre.org | https://support.f5.com/csp/article/K64119434 | ||
| cve@mitre.org | https://support.f5.com/csp/article/K64119434?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272 | Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793 | Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806 | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238 | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=11053 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=18986 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K64119434 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K64119434?utm_source=f5support&%3Butm_medium=RSS |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | cloud_backup | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | steelstore_cloud_integrated_storage | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4959A9E5-70A1-4E9D-99BA-DF6C98ED8B34",
"versionEndExcluding": "2.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4433FEA1-564D-4592-BB12-1C194B543928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match."
},
{
"lang": "es",
"value": "En la biblioteca GNU C (tambi\u00e9n conocida como glibc o libc6), en versiones anteriores a la 2.28, parse_reg_exp en posix/regcomp.c analiza err\u00f3neamente las alternativas, lo que permite que los atacantes provoquen una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y salida de la aplicaci\u00f3n) o desencadenen un resultado incorrecto intentando realizar una coincidencia de expresiones regulares."
}
],
"id": "CVE-2009-5155",
"lastModified": "2024-11-21T01:11:17.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-26T02:29:00.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986"
},
{
"source": "cve@mitre.org",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/csp/article/K64119434"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=11053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K64119434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K64119434?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-02-01 04:29
Modified
2024-11-21 03:04
Severity ?
Summary
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/oss-sec/2017/q4/385 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/43331/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/oss-sec/2017/q4/385 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190404-0003/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/43331/ | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0B9503-9AD0-4A1A-BD4F-4B902BFC8E5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en glibc 2.5 (publicado el 29 de septiembre de 2006) puede ser desencadenado mediante la variable de entorno LD_LIBRARY_PATH. Hay que tener en cuenta que muchas versiones de glibc no son vulnerables a este problema si se corrigen con el parche para CVE-2017-1000366."
}
],
"id": "CVE-2017-1000409",
"lastModified": "2024-11-21T03:04:40.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-01T04:29:00.310",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43331/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q4/385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20190404-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43331/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-26 02:29
Modified
2024-11-21 04:02
Severity ?
Summary
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/107160 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107160 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K26346590?utm_source=f5support&%3Butm_medium=RSS |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| netapp | cloud_backup | * | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | steelstore_cloud_integrated_storage | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60F1CB2F-5B42-4134-8328-480F5F07932D",
"versionEndIncluding": "2.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4433FEA1-564D-4592-BB12-1C194B543928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by \u0027(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+\u0027 in grep."
},
{
"lang": "es",
"value": "En la biblioteca GNU C (tambi\u00e9n conocida como glibc o libc6), hasta la versi\u00f3n 2.29, check_dst_limits_calc_pos_1 en posix/regexec.c tiene una recursi\u00f3n no controlada, tal y como queda demostrado con \"(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+\" en grep."
}
],
"id": "CVE-2018-20796",
"lastModified": "2024-11-21T04:02:11.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-26T02:29:00.450",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "cve@mitre.org",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190315-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp%3Butm_medium=RSS"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-07 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html | Third Party Advisory | |
| secalert@redhat.com | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2016/08/18/12 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/92532 | ||
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/ | ||
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/ | ||
| secalert@redhat.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/ | ||
| secalert@redhat.com | https://security.gentoo.org/glsa/201706-19 | ||
| secalert@redhat.com | https://sourceware.org/bugzilla/show_bug.cgi?id=20435 | Issue Tracking | |
| secalert@redhat.com | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=swg21995039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/08/18/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92532 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-19 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=20435 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | glibc | * | |
| opensuse | opensuse | 13.2 | |
| fedoraproject | fedora | 23 | |
| fedoraproject | fedora | 24 | |
| fedoraproject | fedora | 25 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8BEA2E-918A-44DB-96A6-101EB3132AC4",
"versionEndIncluding": "2.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*",
"matchCriteriaId": "772E9557-A371-4664-AE2D-4135AAEB89AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation."
},
{
"lang": "es",
"value": "La funci\u00f3n makecontext en GNU C Library (tambi\u00e9n conocido como glibc o libc6) en versiones anteriores a 2.25 crea contexto de ejecuci\u00f3n incompatibles con el desbobinador en plataformas ARM EABI (32-bit), lo que podr\u00eda permitir a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (cuelgue), seg\u00fan lo demostrado por las aplicaciones compiladas utilizando gccgo, relacionado con la generaci\u00f3n de traza inversa."
}
],
"id": "CVE-2016-6323",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-07T14:59:06.007",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/12"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/92532"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435"
},
{
"source": "secalert@redhat.com",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21995039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/08/18/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTXSOVCRDGBIB4WCIDAGYYUBESXZ4IGK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVWSAZVBTLALXF4SCBPDV3FY6J22DXLZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WO7IMEYWZ2WTXGGMZBWWSDCUMFN63XOB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201706-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}