Search CVE reports



11 – 20 of 157 results


CVE-2024-2961

Medium priority
Fixed

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application...

2 affected packages

glibc, eglibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glibc Fixed Fixed Fixed Fixed
eglibc Not in release Not in release Not in release

CVE-2024-12455

Medium priority
Not affected

[powerpc: getrandom() returns EINVAL as retcode instead of errno]

2 affected packages

glibc, eglibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
glibc Not affected Not affected Not affected Not affected
eglibc Not in release Not in release Not in release

CVE-2023-6780

Medium priority
Fixed

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-6779

Medium priority
Fixed

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-6246

Medium priority
Fixed

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-5156

Medium priority

Some fixes available 6 of 7

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Fixed | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-4911

High priority
Fixed

A buffer overflow was discovered in the GNU C Library’s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Fixed | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-4813

Low priority

Some fixes available 4 of 5

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Not affected | Fixed | Fixed | Fixed |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-4806

Low priority

Some fixes available 9 of 10

A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Fixed | Fixed | Fixed |
| eglibc | Not in release | Not in release | Not in release | Not in release |

CVE-2023-4527

Medium priority
Fixed

A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes...

2 affected packages

glibc, eglibc

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| glibc | Fixed | Not affected | Not affected | Not affected |
| eglibc | Not in release | Not in release | Not in release | Not in release |