Search CVE reports
51 – 60 of 150 results
CVE-2019-7309
Negligible priorityIn the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Ignored | Ignored |
CVE-2016-10739
Low priorityIn the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Ignored | Ignored |
CVE-2019-6488
Negligible priorityThe string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Ignored | Ignored |
CVE-2018-19591
Medium prioritySome fixes available 1 of 2
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Not affected |
CVE-2018-11237
Medium prioritySome fixes available 2 of 3
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Fixed |
CVE-2018-11236
Medium prioritySome fixes available 3 of 4
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2017-18269
Medium prioritySome fixes available 1 of 2
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-6551
Medium priorityThe malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Not affected |
CVE-2018-6485
Medium prioritySome fixes available 2 of 3
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Fixed |
CVE-2018-1000001
High prioritySome fixes available 5 of 11
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
4 affected packages
dietlibc, eglibc, glibc, musl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dietlibc | — | — | — | Not affected | Not affected |
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Fixed |
| musl | — | — | — | Not affected | Fixed |