purl | pkg:deb/ubuntu/glibc@2.26-0ubuntu2.1 |
Next non-vulnerable version | 2.31-0ubuntu9.1 |
Latest non-vulnerable version | 2.31-0ubuntu9.1 |
Risk | 10.0 |
Vulnerability | Summary | Fixed by |
---|---|---|
VCID-1w8c-5p2q-aaan (Aliases: CVE-2018-11236) | stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. | Affected by 12 other vulnerabilities. |
VCID-1xau-e94n-aaae (Aliases: CVE-2015-5180) | res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). | Affected by 16 other vulnerabilities. |
VCID-52mf-e571-aaan (Aliases: CVE-2010-3192) | CVE-2010-3192 glibc: __fortify_fail may use corrupted memory when called from SSP callback | Affected by 7 other vulnerabilities. |
VCID-7syh-h4xb-aaab (Aliases: CVE-2018-6551) | The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. | Affected by 16 other vulnerabilities. |
VCID-81cz-acf1-aaak (Aliases: CVE-2019-9169) | In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | Affected by 6 other vulnerabilities. |
VCID-8k82-eenx-aaap (Aliases: CVE-2018-11237) | An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | Affected by 12 other vulnerabilities. |
VCID-8uvb-j5w5-aaar (Aliases: CVE-2017-18269) | An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. | Affected by 12 other vulnerabilities. |
VCID-9rq2-dpes-aaar (Aliases: CVE-2020-10029) | The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, as seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. | Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
VCID-b2pc-cqxh-aaap (Aliases: CVE-2017-17426) | The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check. | Affected by 16 other vulnerabilities. |
VCID-cahv-x34e-aaah (Aliases: CVE-2020-1752) | A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32. | Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
VCID-ebra-cryr-aaap (Aliases: CVE-2017-16997) | elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretation of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution. | Affected by 16 other vulnerabilities. |
VCID-efsz-7a16-aaaf (Aliases: CVE-2019-7309) | In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled. | Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
VCID-ehq3-3yxg-aaae (Aliases: CVE-2015-8985) | The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. | Affected by 12 other vulnerabilities. |
VCID-fc6h-63v2-aaaq (Aliases: CVE-2018-19591) | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | Affected by 7 other vulnerabilities. |
VCID-gsfu-k8wz-aaak (Aliases: CVE-2018-6485) | An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. | Affected by 16 other vulnerabilities. |
VCID-jauw-zxrf-aaae (Aliases: CVE-2017-15671) | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | Affected by 16 other vulnerabilities. |
VCID-kmgq-gdkr-aaap (Aliases: CVE-2019-19126) | On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | Affected by 3 other vulnerabilities. Affected by 5 other vulnerabilities. |
VCID-sa5a-ea2y-aaab (Aliases: CVE-2020-1751) | An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability. | Affected by 3 other vulnerabilities. Affected by 1 other vulnerability. |
VCID-sbu9-jza7-aaae (Aliases: CVE-2017-15670) | The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | Affected by 16 other vulnerabilities. |
VCID-tb83-ecmn-aaag (Aliases: CVE-2020-29573) | sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference. | Affected by 0 other vulnerabilities. |
VCID-thwz-6sj5-aaad (Aliases: CVE-2017-1000408) | A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. | Affected by 16 other vulnerabilities. |
VCID-ubjd-dms9-aaar (Aliases: CVE-2016-10739) | In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings. | Affected by 7 other vulnerabilities. |
VCID-vh9x-2eyt-aaab (Aliases: CVE-2017-15804) | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | Affected by 16 other vulnerabilities. |
VCID-y6e2-dv72-aaac (Aliases: CVE-2017-1000409) | A buffer overflow in glibc 2.5 (released on September 29, 2006) can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. | Affected by 16 other vulnerabilities. |
VCID-z54v-76h3-aaae (Aliases: CVE-2009-5155) | In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | Affected by 7 other vulnerabilities. |
VCID-zkqv-bzeq-aaan (Aliases: CVE-2019-6488) | The string component in the GNU C Library (aka glibc or libc6) through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for size_t in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy. | Affected by 7 other vulnerabilities. |
Vulnerability | Summary | Aliases |
---|---|---|
VCID-z25y-bsee-aaac | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | CVE-2018-1000001 |
Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
---|---|---|---|---|---|