Gnu Glibc vulnerabilities

CVE-2015-8982 [HIGH] CWE-190 CVE-2015-8982: Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allow Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

CVE-2016-10228 [MEDIUM] CWE-20 CVE-2016-10228: The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with mult The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.

CVE-2016-5417 [HIGH] CWE-399 CVE-2016-5417: Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.

CVE-2016-6323 [HIGH] CWE-284 CVE-2016-6323: The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution con The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.

CVE-2016-3706 [HIGH] CVE-2016-3706: Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.

CVE-2016-4429 [MEDIUM] CWE-787 CVE-2016-4429: Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library ( Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

CVE-2016-3075 [HIGH] CWE-119 CVE-2016-3075: Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Libr Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.

CVE-2016-1234 [HIGH] CWE-119 CVE-2016-1234: Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, whe Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.

CVE-2015-8778 [CRITICAL] CWE-119 CVE-2015-8778: Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent atta Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

CVE-2015-8776 [CRITICAL] CWE-189 CVE-2015-8776: The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

CVE-2015-8779 [CRITICAL] CWE-119 CVE-2015-8779: Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

CVE-2014-9761 [CRITICAL] CWE-119 CVE-2014-9761: Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow co Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.

CVE-2015-7547 [HIGH] CWE-119 CVE-2015-7547: Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or A

CVE-2015-8777 [MEDIUM] CWE-254 CVE-2015-8777: The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 all The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

CVE-2015-5277 [HIGH] CWE-119 CVE-2015-5277: The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.

CVE-2015-1781 [MEDIUM] CWE-119 CVE-2015-1781: Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

CVE-2013-7424 [MEDIUM] CWE-17 CVE-2013-7424: The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.

CVE-2015-1472 [HIGH] CWE-119 CVE-2015-1472: The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly

CVE-2015-1473 [MEDIUM] CWE-119 CVE-2015-1473: The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boun

CVE-2014-8121 [MEDIUM] CWE-17 CVE-2014-8121: DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or l DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.