rpm package

suse/glibc&distro=SUSE Linux Enterprise Server 12 SP2-LTSS

pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS

Vulnerabilities (6)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-10029	—	< 2.22-113.4	2.22-113.4	Mar 4, 2020	The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is relat
CVE-2019-9169	—	< 2.22-62.22.5	2.22-62.22.5	Feb 26, 2019	In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
CVE-2009-5155	—	< 2.22-62.22.5	2.22-62.22.5	Feb 26, 2019	In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
CVE-2018-11237	—	< 2.22-62.13.2	2.22-62.13.2	May 18, 2018	An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
CVE-2018-11236	—	< 2.22-62.13.2	2.22-62.13.2	May 18, 2018	stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitra
CVE-2017-18269	—	< 2.22-62.13.2	2.22-62.13.2	May 18, 2018	An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address

CVE-2020-10029Mar 4, 2020
affected < 2.22-113.4fixed 2.22-113.4
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is relat
CVE-2019-9169Feb 26, 2019
affected < 2.22-62.22.5fixed 2.22-62.22.5
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
CVE-2009-5155Feb 26, 2019
affected < 2.22-62.22.5fixed 2.22-62.22.5
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
CVE-2018-11237May 18, 2018
affected < 2.22-62.13.2fixed 2.22-62.13.2
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
CVE-2018-11236May 18, 2018
affected < 2.22-62.13.2fixed 2.22-62.13.2
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitra
CVE-2017-18269May 18, 2018
affected < 2.22-62.13.2fixed 2.22-62.13.2
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address