rpm package
opensuse/glibc&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/glibc&distro=openSUSE%20Leap%2015.6
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-4438 | Med | 5.4 | < 2.38-150600.14.46.1 | 2.38-150600.14.46.1 | Mar 20, 2026 | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification. | |
| CVE-2026-4437 | Hig | 7.5 | < 2.38-150600.14.46.1 | 2.38-150600.14.46.1 | Mar 20, 2026 | Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that c | |
| CVE-2025-15281 | — | < 2.38-150600.14.40.1 | 2.38-150600.14.40.1 | Jan 20, 2026 | Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process. | ||
| CVE-2026-0915 | — | < 2.38-150600.14.40.1 | 2.38-150600.14.40.1 | Jan 15, 2026 | Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver. | ||
| CVE-2026-0861 | — | < 2.38-150600.14.40.1 | 2.38-150600.14.40.1 | Jan 14, 2026 | Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control | ||
| CVE-2025-8058 | Med | — | < 2.38-150600.14.37.1 | 2.38-150600.14.37.1 | Jul 23, 2025 | The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow b | |
| CVE-2025-4802 | — | < 2.38-150600.14.32.1 | 2.38-150600.14.32.1 | May 16, 2025 | Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or call | ||
| CVE-2025-0395 | Med | 6.2 | < 2.38-150600.14.23.1 | 2.38-150600.14.23.1 | Jan 22, 2025 | When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. |
- affected < 2.38-150600.14.46.1fixed 2.38-150600.14.46.1
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.
- affected < 2.38-150600.14.46.1fixed 2.38-150600.14.46.1
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that c
- CVE-2025-15281Jan 20, 2026affected < 2.38-150600.14.40.1fixed 2.38-150600.14.40.1
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
- CVE-2026-0915Jan 15, 2026affected < 2.38-150600.14.40.1fixed 2.38-150600.14.40.1
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.
- CVE-2026-0861Jan 14, 2026affected < 2.38-150600.14.40.1fixed 2.38-150600.14.40.1
Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control
- affected < 2.38-150600.14.37.1fixed 2.38-150600.14.37.1
The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow b
- CVE-2025-4802May 16, 2025affected < 2.38-150600.14.32.1fixed 2.38-150600.14.32.1
Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or call
- affected < 2.38-150600.14.23.1fixed 2.38-150600.14.23.1
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.