CVE-2018-1000001
published 2018-01-31CVE-2018-1000001: In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EXPLOIT
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | glibc | < glibc 2.26-4 (bookworm) | glibc 2.26-4 (bookworm) |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.14 | 2.19-0ubuntu6.14 |
| gnu | glibc | <= 2.26 | — |
| gnu | glibc | >= 0 < 2.26-4 | 2.26-4 |
| gnu | glibc | >= 0 < 2.26-4 | 2.26-4 |
| gnu | glibc | >= 0 < 2.26-4 | 2.26-4 |
| gnu | glibc | >= 0 < 2.26-4 | 2.26-4 |
| gnu | glibc | >= 0 < 2.23-0ubuntu10 | 2.23-0ubuntu10 |
| musl-libc | musl | >= 0 < 0.9.15-1ubuntu0.1~esm1 | 0.9.15-1ubuntu0.1~esm1 |
| musl-libc | musl | >= 0 < 1.1.9-1ubuntu0.1~esm2 | 1.1.9-1ubuntu0.1~esm2 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | virtualization_host | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL
vulncheck7.8HIGH