Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 143 results


CVE-2024-33602

Medium priority

Some fixes available 6 of 8

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-33601

Medium priority

Some fixes available 6 of 8

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-33600

Medium priority

Some fixes available 6 of 8

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-33599

Medium priority

Some fixes available 6 of 8

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-2961

Medium priority
Fixed

The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release
glibc Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-6780

Medium priority
Fixed

An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Fixed Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-6779

Medium priority
Fixed

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Fixed Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-6246

Medium priority
Fixed

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Fixed Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-4911

High priority
Fixed

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment...

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Fixed Fixed Not affected Not affected Not affected
Show less packages

CVE-2023-5156

Medium priority

Some fixes available 5 of 6

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

2 affected packages

eglibc, glibc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eglibc Not in release Not in release Not in release Not in release Not in release
glibc Fixed Fixed Not affected Not affected Not affected
Show less packages