VYPR

apk package

chainguard/posix-libc-utils

pkg:apk/chainguard/posix-libc-utils

Vulnerabilities (31)

  • CVE-2026-6238 | Medium | Apr 28, 2026
    affected < 0; fixed 0

    The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS resp

  • CVE-2026-5435 | High | Apr 28, 2026
    affected < 0; fixed 0

    The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.

  • CVE-2026-5928 | High | Apr 20, 2026
    affected < 2.43-r7; fixed 2.43-r7

    Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buf

  • CVE-2026-5450 | Critical | Apr 20, 2026
    affected < 2.43-r7; fixed 2.43-r7

    Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.

  • CVE-2026-5358 | Apr 20, 2026
    affected < 2.43-r6; fixed 2.43-r6

    Rejected reason: REJECTED: CVE-2026-5358 is rejected for two reasons. Firstly it has been discovered that no NIS+ client or server was ever released for any Linux-based OS distributions and as such this makes the API provisional and unused. Secondly it has been discovered that t

  • CVE-2026-4046 | High | Mar 30, 2026
    affected < 2.43-r6; fixed 2.43-r6

    The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by rem

  • CVE-2026-4438 | Medium | Mar 20, 2026
    affected < 2.43-r4; fixed 2.43-r4

    Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.

  • CVE-2026-4437 | High | Mar 20, 2026
    affected < 2.43-r4; fixed 2.43-r4

    Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that c

  • CVE-2025-8058 | Medium | Jul 23, 2025
    affected < 2.41-r56; fixed 2.41-r56

    The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow b

  • CVE-2025-5745 | Jun 5, 2025
    affected < 0; fixed 0

    The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in ov

  • CVE-2025-5702 | Jun 5, 2025
    affected < 0; fixed 0

    The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to v31 without saving contents from the caller (those registers are defined as non-volatile registers by the powerpc64le ABI), resulting in ove

  • CVE-2025-0395 | Medium | Jan 22, 2025
    affected < 2.40-r6; fixed 2.40-r6

    When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

  • CVE-2024-33602 | High | May 6, 2024
    affected < 2.39-r5; fixed 2.39-r5

    nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to ns

  • CVE-2024-33601 | High | May 6, 2024
    affected < 2.39-r5; fixed 2.39-r5

    nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients.

  • CVE-2024-33600 | Medium | May 6, 2024
    affected < 2.39-r5; fixed 2.39-r5

    nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was add

  • CVE-2024-33599 | High | May 6, 2024
    affected < 2.39-r5; fixed 2.39-r5

    nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15

  • CVE-2024-2961 | High | Apr 17, 2024
    affected < 2.39-r2; fixed 2.39-r2

    The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.

  • CVE-2023-6780 | Medium | Jan 31, 2024
    affected < 2.38-r11; fixed 2.38-r11

    An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size t

  • CVE-2023-6779 | High | Jan 31, 2024
    affected < 2.38-r11; fixed 2.38-r11

    An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incor

  • CVE-2023-6246 | High | Jan 31, 2024
    affected < 2.38-r11; fixed 2.38-r11

    A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program

Page 1 of 2