VYPR
Unrated severityNVD Advisory· Published Apr 10, 2019· Updated Aug 7, 2024

CVE-2005-3590

CVE-2005-3590

Description

The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory.

Affected products

2
  • GNU/Glibcinferred2 versions
    <2.3.5+ 1 more
    • (no CPE)range: <2.3.5
    • (no CPE)range: <2.3.5

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.