rpm package
suse/glibc&distro=SUSE Linux Enterprise Server 11 SP3-TERADATA
pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Vulnerabilities (20)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-11236 | — | < 2.11.3-17.110.14.1 | 2.11.3-17.110.14.1 | May 18, 2018 | stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitra | ||
| CVE-2018-6551 | — | < 2.11.3-17.110.6.2 | 2.11.3-17.110.6.2 | Feb 2, 2018 | The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requ | ||
| CVE-2018-6485 | — | < 2.11.3-17.110.6.2 | 2.11.3-17.110.6.2 | Feb 1, 2018 | An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. | ||
| CVE-2018-1000001 | — | < 2.11.3-17.110.3.1 | 2.11.3-17.110.3.1 | Jan 31, 2018 | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | ||
| CVE-2017-15804 | Cri | 9.8 | < 2.11.3-17.110.19.2 | 2.11.3-17.110.19.2 | Oct 22, 2017 | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | |
| CVE-2017-15671 | Med | 5.9 | < 2.11.3-17.110.24.2 | 2.11.3-17.110.24.2 | Oct 20, 2017 | The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | |
| CVE-2017-15670 | Cri | 9.8 | < 2.11.3-17.110.19.2 | 2.11.3-17.110.19.2 | Oct 20, 2017 | The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | |
| CVE-2017-12132 | Med | 5.9 | < 2.11.3-17.110.6.2 | 2.11.3-17.110.6.2 | Aug 1, 2017 | The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. | |
| CVE-2015-5180 | Hig | 7.5 | < 2.11.3-17.110.19.2 | 2.11.3-17.110.19.2 | Jun 27, 2017 | res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). | |
| CVE-2017-1000366 | Hig | 7.8 | < 2.11.3-17.109.1 | 2.11.3-17.109.1 | Jun 19, 2017 | glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulatio | |
| CVE-2017-8804 | Hig | 7.5 | < 2.11.3-17.110.6.2 | 2.11.3-17.110.6.2 | May 7, 2017 | The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) v | |
| CVE-2015-8779 | Cri | 9.8 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Apr 19, 2016 | Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name. | |
| CVE-2015-8778 | Cri | 9.8 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Apr 19, 2016 | Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memor | |
| CVE-2015-8776 | Cri | 9.1 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Apr 19, 2016 | The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value. | |
| CVE-2014-9761 | Cri | 9.8 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Apr 19, 2016 | Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function. | |
| CVE-2015-7547 | Hig | 8.1 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Feb 18, 2016 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS respo | |
| CVE-2015-8777 | Med | 5.5 | < 2.11.3-17.95.2 | 2.11.3-17.95.2 | Jan 20, 2016 | The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable. | |
| CVE-2015-1781 | — | < 2.11.3-17.87.3 | 2.11.3-17.87.3 | Sep 28, 2015 | Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call wit | ||
| CVE-2014-8121 | — | < 2.11.3-17.87.3 | 2.11.3-17.87.3 | Mar 27, 2015 | DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database w | ||
| CVE-2013-2207 | — | < 2.11.3-17.87.3 | 2.11.3-17.87.3 | Oct 9, 2013 | pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. |
- CVE-2018-11236May 18, 2018affected < 2.11.3-17.110.14.1fixed 2.11.3-17.110.14.1
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitra
- CVE-2018-6551Feb 2, 2018affected < 2.11.3-17.110.6.2fixed 2.11.3-17.110.6.2
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requ
- CVE-2018-6485Feb 1, 2018affected < 2.11.3-17.110.6.2fixed 2.11.3-17.110.6.2
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
- CVE-2018-1000001Jan 31, 2018affected < 2.11.3-17.110.3.1fixed 2.11.3-17.110.3.1
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
- affected < 2.11.3-17.110.19.2fixed 2.11.3-17.110.19.2
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
- affected < 2.11.3-17.110.24.2fixed 2.11.3-17.110.24.2
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).
- affected < 2.11.3-17.110.19.2fixed 2.11.3-17.110.19.2
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
- affected < 2.11.3-17.110.6.2fixed 2.11.3-17.110.6.2
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.
- affected < 2.11.3-17.110.19.2fixed 2.11.3-17.110.19.2
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
- affected < 2.11.3-17.109.1fixed 2.11.3-17.109.1
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulatio
- affected < 2.11.3-17.110.6.2fixed 2.11.3-17.110.6.2
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) v
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memor
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS respo
- affected < 2.11.3-17.95.2fixed 2.11.3-17.95.2
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
- CVE-2015-1781Sep 28, 2015affected < 2.11.3-17.87.3fixed 2.11.3-17.87.3
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call wit
- CVE-2014-8121Mar 27, 2015affected < 2.11.3-17.87.3fixed 2.11.3-17.87.3
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database w
- CVE-2013-2207Oct 9, 2013affected < 2.11.3-17.87.3fixed 2.11.3-17.87.3
pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system.