Search for packages
| purl | pkg:deb/ubuntu/eglibc@2.18-0ubuntu6 |
| Next non-vulnerable version | 2.19-0ubuntu6.14 |
| Latest non-vulnerable version | 2.19-0ubuntu6.14 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-126p-hwx7-aaab
Aliases: CVE-2015-8777 |
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. |
Affected by 14 other vulnerabilities. |
|
VCID-2u2p-f2k7-aaar
Aliases: CVE-2015-8982 |
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. |
Affected by 7 other vulnerabilities. |
|
VCID-38up-9y3m-aaaj
Aliases: CVE-2015-8984 |
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read. |
Affected by 7 other vulnerabilities. |
|
VCID-39gf-zy6k-aaah
Aliases: CVE-2016-3706 |
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. |
Affected by 7 other vulnerabilities. |
|
VCID-3p8w-sk2f-aaan
Aliases: CVE-2015-5277 |
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database. |
Affected by 14 other vulnerabilities. |
|
VCID-4xqz-mqku-aaad
Aliases: CVE-2017-1000366 |
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. |
Affected by 6 other vulnerabilities. |
|
VCID-516p-q81c-aaac
Aliases: CVE-2014-9402 |
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process. |
Affected by 25 other vulnerabilities. |
|
VCID-5ex2-t5pk-aaak
Aliases: CVE-2015-8983 |
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. |
Affected by 7 other vulnerabilities. |
|
VCID-5vtf-562w-aaam
Aliases: CVE-2014-5119 |
Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules. |
Affected by 33 other vulnerabilities. |
|
VCID-7c1g-7et9-aaab
Aliases: CVE-2013-7424 |
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6. |
Affected by 30 other vulnerabilities. |
|
VCID-7dyv-bqd1-aaas
Aliases: CVE-2016-6323 |
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation. |
Affected by 7 other vulnerabilities. |
|
VCID-7mps-j7m8-aaaq
Aliases: CVE-2015-8776 |
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value. |
Affected by 14 other vulnerabilities. |
|
VCID-7wat-27ue-aaac
Aliases: CVE-2015-8779 |
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name. |
Affected by 14 other vulnerabilities. |
|
VCID-86e2-3emx-aaac
Aliases: CVE-2014-4043 |
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities. |
Affected by 35 other vulnerabilities. |
|
VCID-9ref-p6rh-aaap
Aliases: CVE-2016-2856 |
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option. |
Affected by 14 other vulnerabilities. |
|
VCID-a7g7-sv1u-aaae
Aliases: CVE-2014-7817 |
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))". |
Affected by 31 other vulnerabilities. |
|
VCID-cdst-c5z2-aaan
Aliases: CVE-2016-3075 |
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. |
Affected by 14 other vulnerabilities. |
|
VCID-crqb-xv8r-aaan
Aliases: CVE-2014-6040 |
GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8. |
Affected by 31 other vulnerabilities. |
|
VCID-dw97-gxes-aaar
Aliases: CVE-2012-6656 |
iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8. |
Affected by 33 other vulnerabilities. |
|
VCID-ebra-cryr-aaap
Aliases: CVE-2017-16997 |
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution. |
Affected by 0 other vulnerabilities. |
|
VCID-evhs-yhuh-aaac
Aliases: CVE-2015-7547 |
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. |
Affected by 24 other vulnerabilities. |
|
VCID-ge3f-mumy-aaaq
Aliases: CVE-2013-7423 |
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function. |
Affected by 25 other vulnerabilities. |
|
VCID-hhn8-a4fb-aaak
Aliases: CVE-2013-2207 |
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. |
Affected by 14 other vulnerabilities. |
|
VCID-hmph-8h2t-aaar
Aliases: CVE-2014-8121 |
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset. |
Affected by 14 other vulnerabilities. |
|
VCID-j1kz-azyx-aaac
Aliases: CVE-2015-1472 |
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call. |
Affected by 25 other vulnerabilities. |
|
VCID-mbha-r89p-aaaf
Aliases: CVE-2015-1781 |
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer. |
Affected by 14 other vulnerabilities. |
|
VCID-mh4w-3cse-aaae
Aliases: CVE-2015-1473 |
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call. |
Affected by 25 other vulnerabilities. |
|
VCID-np3c-natf-aaah
Aliases: CVE-2016-4429 |
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. |
Affected by 7 other vulnerabilities. |
|
VCID-q34n-jxu6-aaaa
Aliases: CVE-2016-1234 |
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. |
Affected by 7 other vulnerabilities. |
|
VCID-q554-jg3k-aaaj
Aliases: CVE-2014-0475 |
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable. |
Affected by 35 other vulnerabilities. |
|
VCID-rf6m-23qz-aaac
Aliases: CVE-2015-0235 |
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." |
Affected by 37 other vulnerabilities. |
|
VCID-sbu9-jza7-aaae
Aliases: CVE-2017-15670 |
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. |
Affected by 0 other vulnerabilities. |
|
VCID-shz5-h2cp-aaak
Aliases: CVE-2011-5320 |
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. |
Affected by 25 other vulnerabilities. |
|
VCID-thwz-6sj5-aaad
Aliases: CVE-2017-1000408 |
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. |
Affected by 0 other vulnerabilities. |
|
VCID-uwgz-2m3w-aaan
Aliases: CVE-2015-8778 |
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access. |
Affected by 14 other vulnerabilities. |
|
VCID-vh9x-2eyt-aaab
Aliases: CVE-2017-15804 |
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. |
Affected by 0 other vulnerabilities. |
|
VCID-y6e2-dv72-aaac
Aliases: CVE-2017-1000409 |
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. |
Affected by 0 other vulnerabilities. |
|
VCID-z25y-bsee-aaac
Aliases: CVE-2018-1000001 |
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|