Gnu Glibc vulnerabilities

165 known vulnerabilities affecting gnu/glibc.

Total CVEs

165

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL23HIGH64MEDIUM69LOW9

Vulnerabilities

Page 8 of 9

CVE-2010-3192MEDIUMCVSS 5.0fixed in 2.262010-10-14

CVE-2010-3192 [MEDIUM] CWE-200 CVE-2010-3192: Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0 Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, rela

nvd

CVE-2010-0296HIGHCVSS 7.2≤ 2.11.1v2.0+37 more2010-06-01

CVE-2010-0296 [HIGH] CWE-20 CVE-2010-0296: The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlie The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount reque

nvdosv

CVE-2010-0830MEDIUMCVSS 5.1v2.0.1v2.0.2+36 more2010-06-01

CVE-2010-0830 [MEDIUM] CWE-189 CVE-2010-0830: Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF hea

nvdosv

CVE-2009-4881MEDIUMCVSS 5.0≤ 2.9v1.00+44 more2010-06-01

CVE-2009-4881 [MEDIUM] CVE-2009-4881: Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.

nvdosv

CVE-2009-4880MEDIUMCVSS 5.0PoC≤ 2.10.1v2.0+35 more2010-06-01

CVE-2009-4880 [MEDIUM] CVE-2009-4880: Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2 Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-

nvdosv

CVE-2010-0015HIGHCVSS 7.5v2.7v2.10.22010-01-14

CVE-2010-0015 [HIGH] CWE-255 CVE-2010-0015: nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10 nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.

nvdosv

CVE-2008-1391HIGHCVSS 7.5PoC≥ 0, < 2.11-12008-03-27

CVE-2008-1391 [HIGH] CVE-2008-1391: Multiple integer overflows in libc in NetBSD 4 Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.

osv

CVE-2008-1367HIGHCVSS 7.5≥ 0, < 2.7-82008-03-17

CVE-2008-1367 [HIGH] CVE-2008-1367: gcc 4 gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU co

osv

CVE-2008-0122CRITICALCVSS 10.0≥ 0, < 2.2-12008-01-16

CVE-2008-0122 [CRITICAL] CVE-2008-0122: Off-by-one error in the inet_network function in libbind in ISC BIND 9 Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.

osv

CVE-2007-4840MEDIUMCVSS 5.0≥ 0, < 2.7-12007-09-12

CVE-2007-4840 [MEDIUM] CVE-2007-4840: PHP 5 PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated

osv

CVE-2007-3508HIGHCVSS 7.2≥ 0, < 2.6-22007-07-03

CVE-2007-3508 [HIGH] CVE-2007-3508: Integer overflow in the process_envvars function in elf/rtld Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution

osv

CVE-2004-0968LOWCVSS 2.1v2.0v2.0.1+24 more2005-02-09

CVE-2004-0968 [LOW] CVE-2004-0968: The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.

nvdosv

CVE-2004-1453LOWCVSS 2.1v2.0v2.0.1+23 more2004-12-31

CVE-2004-1453 [LOW] CVE-2004-1453: GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

nvdosv

CVE-2004-1382LOWCVSS 2.1v2.0v2.0.1+24 more2004-12-31

CVE-2004-1382 [LOW] CVE-2004-1382: The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.

nvdosv

CVE-2003-0859MEDIUMCVSS 4.9v2.3.22003-12-15

CVE-2003-0859 [MEDIUM] CVE-2003-0859: The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial o The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

nvd

CVE-2003-0689HIGHCVSS 7.5≥ 0, < 2.2.52003-10-20

CVE-2003-0689 [HIGH] CVE-2003-0689: The getgrouplist function in GNU libc (glibc) 2 The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.

osv

CVE-2003-0028HIGHCVSS 7.5v2.1v2.1.1+11 more2003-03-25

CVE-2003-0028 [HIGH] CVE-2003-0028: Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external d Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

nvd

CVE-2002-1265MEDIUMCVSS 5.0v2.0v2.0.1+18 more2002-11-12

CVE-2002-1265 [MEDIUM] CVE-2002-1265: The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism whe The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).

nvd

CVE-2002-1146MEDIUMCVSS 5.0≤ 2.2.52002-10-11

CVE-2002-1146 [MEDIUM] CVE-2002-1146: The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earli The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (cr

nvdosv

CVE-2002-0391CRITICALCVSS 9.8≥ 0, < 2.2.5-132002-08-12

CVE-2002-0391 [CRITICAL] CVE-2002-0391: Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, al Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

osv

← Previous8 / 9Next →