Search CVE reports
1 – 10 of 148 results
CVE-2024-33602
Medium prioritySome fixes available 6 of 8
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | — | — |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-33601
Medium prioritySome fixes available 6 of 8
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | — | — |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-33600
Medium prioritySome fixes available 6 of 8
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | — | — |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-33599
Medium prioritySome fixes available 6 of 8
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | — | — |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-2961
Medium priorityThe iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | — | — |
glibc | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2023-6780
Medium priorityAn integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Not affected | Not affected | Not affected | Not affected |
CVE-2023-6779
Medium priorityAn off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Not affected | Not affected | Not affected | Not affected |
CVE-2023-6246
Medium priorityA heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Not affected | Not affected | Not affected | Not affected |
CVE-2023-4911
High priorityA buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment...
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Fixed | Not affected | Not affected | Not affected |
CVE-2023-5156
Medium prioritySome fixes available 5 of 6
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
2 affected packages
eglibc, glibc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
glibc | Fixed | Fixed | Not affected | Not affected | Not affected |