This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gnu First view 2010-10-14
Product Glibc Last view 2023-09-25
Version 2.19 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:gnu:glibc

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2023-09-25 CVE-2023-5156

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

6.5 2023-09-18 CVE-2023-4527

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

5.9 2023-09-12 CVE-2023-4813

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

5.5 2023-06-25 CVE-2015-20109

end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue.

7.8 2022-08-24 CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

7.5 2022-08-24 CVE-2021-3998

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

9.8 2022-01-14 CVE-2022-23219

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

9.8 2022-01-14 CVE-2022-23218

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

7.5 2021-08-12 CVE-2021-38604

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

9.1 2021-07-22 CVE-2021-35942

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

5.5 2021-02-26 CVE-2020-27618

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.

2.5 2021-02-24 CVE-2021-27645

The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.

7.5 2021-01-27 CVE-2021-3326

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

5.9 2021-01-04 CVE-2019-25013

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.

7.5 2020-12-06 CVE-2020-29573

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.

4.8 2020-12-04 CVE-2020-29562

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

7 2020-04-30 CVE-2020-1752

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.

7 2020-04-17 CVE-2020-1751

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.

8.1 2020-04-01 CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

5.5 2020-03-04 CVE-2020-10029

The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.

3.3 2019-11-19 CVE-2019-19126

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.

7.5 2019-02-26 CVE-2019-9192

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

9.8 2019-02-25 CVE-2019-9169

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

7.5 2019-02-25 CVE-2018-20796

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.

7.5 2019-02-25 CVE-2009-5155

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
21% (16) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (9) CWE-787 Out-of-bounds Write
8% (6) CWE-190 Integer Overflow or Wraparound
6% (5) CWE-125 Out-of-bounds Read
5% (4) CWE-20 Improper Input Validation
4% (3) CWE-416 Use After Free
4% (3) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
2% (2) CWE-674 Uncontrolled Recursion
2% (2) CWE-617 Reachable Assertion
2% (2) CWE-476 NULL Pointer Dereference
2% (2) CWE-399 Resource Management Errors
2% (2) CWE-189 Numeric Errors
2% (2) CWE-19 Data Handling
2% (2) CWE-17 Code
1% (1) CWE-772 Missing Release of Resource after Effective Lifetime
1% (1) CWE-770 Allocation of Resources Without Limits or Throttling
1% (1) CWE-665 Improper Initialization
1% (1) CWE-426 Untrusted Search Path
1% (1) CWE-415 Double Free
1% (1) CWE-404 Improper Resource Shutdown or Release
1% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
1% (1) CWE-284 Access Control (Authorization) Issues
1% (1) CWE-254 Security Features
1% (1) CWE-200 Information Exposure
1% (1) CWE-195 Signed to Unsigned Conversion Error

Open Source Vulnerability Database (OSVDB)

id Description
68630 GNU C Library Run-time Memory Protection Mechanisms Incorrect Program Executi...

ExploitDB Exploits

id Description
34421 glibc Off-by-One NUL Byte gconv_translit_find Exploit

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0038 Multiple Vulnerabilities in GNU C Library (glibc)
Severity: Category I - VMSKEY: V0058753
2015-B-0007 Multiple Vulnerabilities in Juniper Secure Analytics (JSA) and Security Threa...
Severity: Category I - VMSKEY: V0058213

Snort® IPS/IDS

Date Description
2016-03-14 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731 - Type : PROTOCOL-DNS - Revision : 5
2016-03-14 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730 - Type : PROTOCOL-DNS - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1140.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-060302dc83.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-916dfe0d86.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f6b7df660d.nasl - Type: ACT_GATHER_INFO
2018-12-20 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1131.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL06493172.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16365.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL29241247.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1109.nasl - Type: ACT_GATHER_INFO
2018-11-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3092.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1332.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1344.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1289.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1239.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1272.nasl - Type: ACT_GATHER_INFO
2018-09-10 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c1ef35a4f9.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0013.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0022.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0023.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0040.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0041.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0048.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0052.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0098-a.nasl - Type: ACT_GATHER_INFO