This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gnu First view 2002-08-12
Product Glibc Last view 2020-10-06
Version 1.08.11 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:gnu:glibc

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2020-10-06 CVE-1999-0199

manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.

7 2020-04-30 CVE-2020-1752

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.

7 2020-04-17 CVE-2020-1751

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

8.1 2020-04-01 CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

5.5 2020-03-04 CVE-2020-10029

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.

3.3 2019-11-19 CVE-2019-19126

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.

5.5 2019-04-10 CVE-2006-7254

The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon.

9.8 2019-04-10 CVE-2005-3590

The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.

7.5 2019-02-26 CVE-2019-9192

** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.

9.8 2019-02-25 CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

7.5 2019-02-25 CVE-2018-20796

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

7.5 2019-02-25 CVE-2009-5155

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

5.5 2019-02-02 CVE-2019-7309

In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.

5.3 2019-01-21 CVE-2016-10739

In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.

7.8 2019-01-18 CVE-2019-6488

The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.

7.5 2018-12-04 CVE-2018-19591

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

7.8 2018-05-18 CVE-2018-11237

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

9.8 2018-05-18 CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

9.8 2018-05-18 CVE-2017-18269

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

9.8 2018-02-02 CVE-2018-6551

The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.

9.8 2018-02-01 CVE-2018-6485

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

7.8 2018-01-31 CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

9.8 2017-10-22 CVE-2017-15804

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.

5.9 2017-10-20 CVE-2017-15671

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).

9.8 2017-10-20 CVE-2017-15670

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

CWE : Common Weakness Enumeration

%idName
25% (22) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (8) CWE-787 Out-of-bounds Write
9% (8) CWE-189 Numeric Errors
8% (7) CWE-20 Improper Input Validation
5% (5) CWE-264 Permissions, Privileges, and Access Controls
5% (5) CWE-190 Integer Overflow or Wraparound
4% (4) CWE-399 Resource Management Errors
3% (3) CWE-19 Data Handling
3% (3) CWE-17 Code
2% (2) CWE-674 Uncontrolled Recursion
2% (2) CWE-416 Use After Free
2% (2) CWE-200 Information Exposure
2% (2) CWE-125 Out-of-bounds Read
2% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-772 Missing Release of Resource after Effective Lifetime
1% (1) CWE-770 Allocation of Resources Without Limits or Throttling
1% (1) CWE-476 NULL Pointer Dereference
1% (1) CWE-404 Improper Resource Shutdown or Release
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-254 Security Features
1% (1) CWE-252 Unchecked Return Value
1% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
1% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
1% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1) CWE-16 Configuration

Open Source Vulnerability Database (OSVDB)

id Description
78316 GNU C Library (glibc) Multiple Function EMFILE Error Handling Remote DoS
77508 GNU C Library time/tzfile.c __tzfile_read() Function Timezone File Handling R...
75261 GNU C Library ld.so $ORIGIN Dynamic String Token RPATH Local Privilege Escala...
74883 GNU C Library addmntent Function mtab Write RLIMIT_FSIZE Value Handling Local...
74278 GNU C Library ldd LD_TRACE_LOADED_OBJECTS Check Modified Executable Loader Lo...
73407 GNU C Library locale/programs/locale.c Output Quoting Localization Environmen...
72796 GNU C Library fnmatch() Function UTF8 String Handling Stack Corruption
72100 GNU C Library posix/fnmatch.c fnmatch() Function Overflow DoS
68920 GNU C Library Dynamic Linker LD_AUDIT non-setuid Library Loading Issue
68721 GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Pr...
68630 GNU C Library Run-time Memory Protection Mechanisms Incorrect Program Executi...
65080 GNU C Library strfmon Implementation Crafted Format String Overflow DoS
65079 GNU C Library stdlib/strfmon_l.c __vstrfmon_l Function Format String Overflow...
65078 GNU C Library misc/mntent_r.c encode_name Macro Crafted Mount Request Local DoS
53299 GNU DNS Resolver Library (glibc) Multiple DNS Resolver Functions Remote Overflow
53298 BSD DNS Resolver Library (libc) Multiple DNS Resolver Functions Remote Overflow
14877 ISC BIND stub Resolver Libraries Malformed DNS Response DoS
14432 ISC BIND Multiple DNS Resolver Functions Remote Overflow

ExploitDB Exploits

id Description
34421 glibc Off-by-One NUL Byte gconv_translit_find Exploit
20167 eGlibc Signedness Code Execution Vulnerability
18105 glibc LD_AUDIT arbitrary DSO load Privilege Escalation
15304 GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability
15274 GNU C library dynamic linker $ORIGIN expansion Vulnerability

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-27 Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi
File : nvt/gb_VMSA-2012-0018.nasl
2012-09-10 Name : Slackware Advisory SSA:2012-041-03 glibc
File : nvt/esoft_slk_ssa_2012_041_03.nasl
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-08-03 Name : Mandriva Update for ncpfs MDVSA-2012:084 (ncpfs)
File : nvt/gb_mandriva_MDVSA_2012_084.nasl
2012-08-03 Name : Mandriva Update for util-linux MDVSA-2012:083 (util-linux)
File : nvt/gb_mandriva_MDVSA_2012_083.nasl
2012-08-02 Name : SuSE Update for glibc openSUSE-SU-2012:0064-1 (glibc)
File : nvt/gb_suse_2012_0064_1.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2011:0412 centos5 x86_64
File : nvt/gb_CESA-2011_0412_glibc_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:0058 centos6
File : nvt/gb_CESA-2012_0058_glibc_centos6.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:0125 centos4
File : nvt/gb_CESA-2012_0125_glibc_centos4.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:0126 centos5
File : nvt/gb_CESA-2012_0126_glibc_centos5.nasl
2012-07-09 Name : RedHat Update for glibc RHSA-2012:0058-01
File : nvt/gb_RHSA-2012_0058-01_glibc.nasl
2012-07-09 Name : RedHat Update for glibc RHSA-2011:1526-03
File : nvt/gb_RHSA-2011_1526-03_glibc.nasl
2012-06-06 Name : RedHat Update for glibc RHSA-2011:0413-01
File : nvt/gb_RHSA-2011_0413-01_glibc.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-12 Name : Ubuntu Update for eglibc USN-1396-1
File : nvt/gb_ubuntu_USN_1396_1.nasl
2012-02-21 Name : RedHat Update for glibc RHSA-2012:0125-01
File : nvt/gb_RHSA-2012_0125-01_glibc.nasl
2012-02-21 Name : RedHat Update for glibc RHSA-2012:0126-01
File : nvt/gb_RHSA-2012_0126-01_glibc.nasl
2012-01-20 Name : Fedora Update for glibc FEDORA-2012-0018
File : nvt/gb_fedora_2012_0018_glibc_fc15.nasl
2011-11-28 Name : Mandriva Update for glibc MDVSA-2011:178 (glibc)
File : nvt/gb_mandriva_MDVSA_2011_178.nasl
2011-10-14 Name : Mandriva Update for samba MDVSA-2011:148 (samba)
File : nvt/gb_mandriva_MDVSA_2011_148.nasl
2011-08-09 Name : CentOS Update for glibc CESA-2011:0412 centos5 i386
File : nvt/gb_CESA-2011_0412_glibc_centos5_i386.nasl
2011-08-09 Name : CentOS Update for glibc CESA-2010:0793 centos5 i386
File : nvt/gb_CESA-2010_0793_glibc_centos5_i386.nasl
2011-08-09 Name : CentOS Update for glibc CESA-2010:0787 centos5 i386
File : nvt/gb_CESA-2010_0787_glibc_centos5_i386.nasl
2011-04-06 Name : RedHat Update for glibc RHSA-2011:0412-01
File : nvt/gb_RHSA-2011_0412-01_glibc.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201011-01 (glibc)
File : nvt/glsa_201011_01.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0083 Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity: Category I - VMSKEY: V0060983
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0007 Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity: Category I - VMSKEY: V0058213
2014-B-0126 Multiple Vulnerabilities in VMware ESXi 5.5
Severity: Category I - VMSKEY: V0054325
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0148 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0033794
2011-A-0147 Multiple Vulnerabilities in VMware ESX and ESXi
Severity: Category I - VMSKEY: V0030545
2011-A-0108 Multiple Vulnerabilities in VMware ESX Service Console
Severity: Category I - VMSKEY: V0029562

Snort® IPS/IDS

Date Description
2016-09-27 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 39925 - Type : SERVER-WEBAPP - Revision : 2
2015-03-04 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 33275 - Type : SERVER-WEBAPP - Revision : 2
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33226 - Type : SERVER-MAIL - Revision : 3
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33225 - Type : SERVER-MAIL - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1140.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-060302dc83.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-916dfe0d86.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f6b7df660d.nasl - Type: ACT_GATHER_INFO
2018-12-20 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1131.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL06493172.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16365.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL29241247.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1109.nasl - Type: ACT_GATHER_INFO
2018-11-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3092.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1332.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1344.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1289.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1239.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1272.nasl - Type: ACT_GATHER_INFO
2018-09-10 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c1ef35a4f9.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0013.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0022.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0023.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0040.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0041.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0048.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0052.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0111.nasl - Type: ACT_GATHER_INFO