Search CVE reports
31 – 40 of 148 results
CVE-2020-29573
Low prioritysysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2020-29562
Low prioritySome fixes available 2 of 3
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Fixed | Fixed | Not affected |
CVE-2020-1752
Low prioritySome fixes available 3 of 4
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2020-1751
Medium prioritySome fixes available 3 of 4
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address,...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Fixed |
CVE-2020-6096
Low prioritySome fixes available 11 of 13
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num'...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2020-10029
Low prioritySome fixes available 2 of 3
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2011-3336
Medium priorityregcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | — | Not in release | Not in release |
| glibc | — | — | — | Not affected | Not affected |
CVE-2019-19126
Low prioritySome fixes available 3 of 4
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Fixed | Fixed |
CVE-2019-1010025
Low priority** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Not affected | Not affected | Not affected |
CVE-2019-1010024
Low priority** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | — | Not in release | Not in release | Not in release |
| glibc | — | — | Ignored | Ignored | Ignored |