rpm package
suse/glibc&distro=SUSE OpenStack Cloud 6
pkg:rpm/suse/glibc&distro=SUSE%20OpenStack%20Cloud%206
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1000001 | — | < 2.19-40.9.5 | 2.19-40.9.5 | Jan 31, 2018 | In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | ||
| CVE-2017-1000366 | Hig | 7.8 | < 2.19-40.6.1 | 2.19-40.6.1 | Jun 19, 2017 | glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulatio |
- CVE-2018-1000001Jan 31, 2018affected < 2.19-40.9.5fixed 2.19-40.9.5
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
- affected < 2.19-40.6.1fixed 2.19-40.6.1
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulatio