Search CVE reports
21 – 30 of 146 results
CVE-2016-20013
Negligible prioritysha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
8 affected packages
dietlibc, eglibc, glibc, sssd, syslinux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| dietlibc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| sssd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| syslinux | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| syslinux-legacy | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| uclibc | — | — | — | — | Ignored |
| zabbix | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-3999
Medium prioritySome fixes available 5 of 6
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed | Fixed |
CVE-2021-3998
Medium prioritySome fixes available 1 of 2
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-23219
Low prioritySome fixes available 4 of 5
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow,...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed | Fixed |
CVE-2022-23218
Low prioritySome fixes available 4 of 5
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow,...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed | Fixed |
CVE-2021-43396
Medium priority** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset....
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-38604
Medium priorityIn librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Not affected | Not affected | Not affected |
CVE-2021-35942
Low prioritySome fixes available 3 of 6
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed | Fixed |
CVE-2021-33574
Low priorityThe mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | — | Not in release | Not in release | Not in release | Not in release |
| glibc | — | Not affected | Ignored | Ignored | Ignored |
CVE-2020-27618
Low prioritySome fixes available 3 of 5
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state,...
2 affected packages
eglibc, glibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| eglibc | Not in release | Not in release | Not in release | Not in release | Not in release |
| glibc | Not affected | Not affected | Fixed | Fixed | Fixed |