Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS2-2018-1048
HistoryJul 24, 2018 - 4:02 p.m.

Medium: glibc

2018-07-2416:02:00
alas.aws.amazon.com
21

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.7%

JSON

Issue Overview:

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.(CVE-2018-11236)

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. (CVE-2017-15670)

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.(CVE-2017-15804)

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.(CVE-2017-18269)

Affected Packages:

glibc

Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.

Issue Correction:
Run yum update glibc to update your system.

New Packages:

i686:  
    glibc-2.26-28.amzn2.0.1.i686  
    libcrypt-2.26-28.amzn2.0.1.i686  
    libcrypt-nss-2.26-28.amzn2.0.1.i686  
    glibc-devel-2.26-28.amzn2.0.1.i686  
    glibc-static-2.26-28.amzn2.0.1.i686  
    glibc-headers-2.26-28.amzn2.0.1.i686  
    glibc-common-2.26-28.amzn2.0.1.i686  
    glibc-locale-source-2.26-28.amzn2.0.1.i686  
    glibc-langpack-eo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-aa-2.26-28.amzn2.0.1.i686  
    glibc-langpack-af-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ak-2.26-28.amzn2.0.1.i686  
    glibc-langpack-am-2.26-28.amzn2.0.1.i686  
    glibc-langpack-an-2.26-28.amzn2.0.1.i686  
    glibc-langpack-anp-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ar-2.26-28.amzn2.0.1.i686  
    glibc-langpack-as-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ast-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ayc-2.26-28.amzn2.0.1.i686  
    glibc-langpack-az-2.26-28.amzn2.0.1.i686  
    glibc-langpack-be-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bem-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ber-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bg-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bhb-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bho-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-br-2.26-28.amzn2.0.1.i686  
    glibc-langpack-brx-2.26-28.amzn2.0.1.i686  
    glibc-langpack-bs-2.26-28.amzn2.0.1.i686  
    glibc-langpack-byn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ca-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ce-2.26-28.amzn2.0.1.i686  
    glibc-langpack-chr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-cmn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-crh-2.26-28.amzn2.0.1.i686  
    glibc-langpack-cs-2.26-28.amzn2.0.1.i686  
    glibc-langpack-csb-2.26-28.amzn2.0.1.i686  
    glibc-langpack-cv-2.26-28.amzn2.0.1.i686  
    glibc-langpack-cy-2.26-28.amzn2.0.1.i686  
    glibc-langpack-da-2.26-28.amzn2.0.1.i686  
    glibc-langpack-de-2.26-28.amzn2.0.1.i686  
    glibc-langpack-doi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-dv-2.26-28.amzn2.0.1.i686  
    glibc-langpack-dz-2.26-28.amzn2.0.1.i686  
    glibc-langpack-el-2.26-28.amzn2.0.1.i686  
    glibc-langpack-en-2.26-28.amzn2.0.1.i686  
    glibc-langpack-es-2.26-28.amzn2.0.1.i686  
    glibc-langpack-et-2.26-28.amzn2.0.1.i686  
    glibc-langpack-eu-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fa-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ff-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fil-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fur-2.26-28.amzn2.0.1.i686  
    glibc-langpack-fy-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ga-2.26-28.amzn2.0.1.i686  
    glibc-langpack-gd-2.26-28.amzn2.0.1.i686  
    glibc-langpack-gez-2.26-28.amzn2.0.1.i686  
    glibc-langpack-gl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-gu-2.26-28.amzn2.0.1.i686  
    glibc-langpack-gv-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ha-2.26-28.amzn2.0.1.i686  
    nscd-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hak-2.26-28.amzn2.0.1.i686  
    glibc-langpack-he-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hne-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hsb-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ht-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hu-2.26-28.amzn2.0.1.i686  
    glibc-langpack-hy-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ia-2.26-28.amzn2.0.1.i686  
    glibc-langpack-id-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ig-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ik-2.26-28.amzn2.0.1.i686  
    glibc-langpack-is-2.26-28.amzn2.0.1.i686  
    glibc-langpack-it-2.26-28.amzn2.0.1.i686  
    glibc-langpack-iu-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ja-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ka-2.26-28.amzn2.0.1.i686  
    glibc-langpack-kk-2.26-28.amzn2.0.1.i686  
    glibc-langpack-kl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-km-2.26-28.amzn2.0.1.i686  
    glibc-langpack-kn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ko-2.26-28.amzn2.0.1.i686  
    glibc-langpack-kok-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ks-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ku-2.26-28.amzn2.0.1.i686  
    glibc-langpack-kw-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ky-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lb-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lg-2.26-28.amzn2.0.1.i686  
    glibc-langpack-li-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lij-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ln-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lt-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lv-2.26-28.amzn2.0.1.i686  
    glibc-langpack-lzh-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mag-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mai-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mg-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mhr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mk-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ml-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mni-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ms-2.26-28.amzn2.0.1.i686  
    glibc-langpack-mt-2.26-28.amzn2.0.1.i686  
    glibc-langpack-my-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nan-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nb-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nds-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ne-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nhn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-niu-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-nso-2.26-28.amzn2.0.1.i686  
    glibc-langpack-oc-2.26-28.amzn2.0.1.i686  
    glibc-langpack-om-2.26-28.amzn2.0.1.i686  
    glibc-langpack-or-2.26-28.amzn2.0.1.i686  
    glibc-langpack-os-2.26-28.amzn2.0.1.i686  
    glibc-langpack-pa-2.26-28.amzn2.0.1.i686  
    glibc-langpack-pap-2.26-28.amzn2.0.1.i686  
    glibc-langpack-pl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ps-2.26-28.amzn2.0.1.i686  
    glibc-langpack-pt-2.26-28.amzn2.0.1.i686  
    glibc-langpack-quz-2.26-28.amzn2.0.1.i686  
    glibc-langpack-raj-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ro-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ru-2.26-28.amzn2.0.1.i686  
    glibc-langpack-rw-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sa-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sat-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sc-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sd-2.26-28.amzn2.0.1.i686  
    glibc-langpack-se-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sgs-2.26-28.amzn2.0.1.i686  
    glibc-langpack-shs-2.26-28.amzn2.0.1.i686  
    glibc-langpack-si-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sid-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sk-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-so-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sq-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ss-2.26-28.amzn2.0.1.i686  
    glibc-langpack-st-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sv-2.26-28.amzn2.0.1.i686  
    glibc-langpack-sw-2.26-28.amzn2.0.1.i686  
    glibc-langpack-szl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ta-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tcy-2.26-28.amzn2.0.1.i686  
    glibc-langpack-te-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tg-2.26-28.amzn2.0.1.i686  
    glibc-langpack-th-2.26-28.amzn2.0.1.i686  
    glibc-langpack-the-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ti-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tig-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tk-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tl-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tn-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tr-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ts-2.26-28.amzn2.0.1.i686  
    glibc-langpack-tt-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ug-2.26-28.amzn2.0.1.i686  
    glibc-langpack-uk-2.26-28.amzn2.0.1.i686  
    glibc-langpack-unm-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ur-2.26-28.amzn2.0.1.i686  
    glibc-langpack-uz-2.26-28.amzn2.0.1.i686  
    glibc-langpack-ve-2.26-28.amzn2.0.1.i686  
    glibc-langpack-vi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-wa-2.26-28.amzn2.0.1.i686  
    glibc-langpack-wae-2.26-28.amzn2.0.1.i686  
    glibc-langpack-wal-2.26-28.amzn2.0.1.i686  
    glibc-langpack-wo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-xh-2.26-28.amzn2.0.1.i686  
    glibc-langpack-yi-2.26-28.amzn2.0.1.i686  
    glibc-langpack-yo-2.26-28.amzn2.0.1.i686  
    glibc-langpack-yue-2.26-28.amzn2.0.1.i686  
    glibc-langpack-zh-2.26-28.amzn2.0.1.i686  
    glibc-langpack-zu-2.26-28.amzn2.0.1.i686  
    glibc-all-langpacks-2.26-28.amzn2.0.1.i686  
    glibc-minimal-langpack-2.26-28.amzn2.0.1.i686  
    nss_db-2.26-28.amzn2.0.1.i686  
    nss_nis-2.26-28.amzn2.0.1.i686  
    nss_hesiod-2.26-28.amzn2.0.1.i686  
    glibc-nss-devel-2.26-28.amzn2.0.1.i686  
    glibc-utils-2.26-28.amzn2.0.1.i686  
    glibc-debuginfo-2.26-28.amzn2.0.1.i686  
    glibc-debuginfo-common-2.26-28.amzn2.0.1.i686  
    glibc-benchtests-2.26-28.amzn2.0.1.i686  
  
src:  
    glibc-2.26-28.amzn2.0.1.src  
  
x86_64:  
    glibc-2.26-28.amzn2.0.1.x86_64  
    libcrypt-2.26-28.amzn2.0.1.x86_64  
    libcrypt-nss-2.26-28.amzn2.0.1.x86_64  
    glibc-devel-2.26-28.amzn2.0.1.x86_64  
    glibc-static-2.26-28.amzn2.0.1.x86_64  
    glibc-headers-2.26-28.amzn2.0.1.x86_64  
    glibc-common-2.26-28.amzn2.0.1.x86_64  
    glibc-locale-source-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-eo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-aa-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-af-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ak-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-am-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-an-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-anp-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ar-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-as-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ast-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ayc-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-az-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-be-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bem-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ber-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bg-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bhb-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bho-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-br-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-brx-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-bs-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-byn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ca-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ce-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-chr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-cmn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-crh-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-cs-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-csb-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-cv-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-cy-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-da-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-de-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-doi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-dv-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-dz-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-el-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-en-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-es-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-et-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-eu-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fa-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ff-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fil-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fur-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-fy-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ga-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-gd-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-gez-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-gl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-gu-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-gv-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ha-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hak-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-he-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hne-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hsb-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ht-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hu-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-hy-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ia-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-id-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ig-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ik-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-is-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-it-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-iu-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ja-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ka-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-kk-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-kl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-km-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-kn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ko-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-kok-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ks-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ku-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-kw-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ky-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lb-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lg-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-li-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lij-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ln-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lt-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lv-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-lzh-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mag-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mai-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mg-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mhr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mk-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ml-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mni-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ms-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-mt-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-my-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nan-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nb-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nds-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ne-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nhn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-niu-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-nso-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-oc-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-om-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-or-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-os-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-pa-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-pap-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-pl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ps-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-pt-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-quz-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-raj-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ro-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ru-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-rw-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sa-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sat-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sc-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sd-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-se-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sgs-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-shs-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-si-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sid-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sk-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-so-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sq-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ss-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-st-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sv-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-sw-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-szl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ta-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tcy-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-te-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tg-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-th-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-the-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ti-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tig-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tk-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tl-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tn-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tr-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ts-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-tt-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ug-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-uk-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-unm-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ur-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-uz-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-ve-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-vi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-wa-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-wae-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-wal-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-wo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-xh-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-yi-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-yo-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-yue-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-zh-2.26-28.amzn2.0.1.x86_64  
    glibc-langpack-zu-2.26-28.amzn2.0.1.x86_64  
    glibc-all-langpacks-2.26-28.amzn2.0.1.x86_64  
    glibc-minimal-langpack-2.26-28.amzn2.0.1.x86_64  
    nscd-2.26-28.amzn2.0.1.x86_64  
    nss_db-2.26-28.amzn2.0.1.x86_64  
    nss_nis-2.26-28.amzn2.0.1.x86_64  
    nss_hesiod-2.26-28.amzn2.0.1.x86_64  
    glibc-nss-devel-2.26-28.amzn2.0.1.x86_64  
    glibc-utils-2.26-28.amzn2.0.1.x86_64  
    glibc-debuginfo-2.26-28.amzn2.0.1.x86_64  
    glibc-debuginfo-common-2.26-28.amzn2.0.1.x86_64  
    glibc-benchtests-2.26-28.amzn2.0.1.x86_64

Additional References

Red Hat: CVE-2017-15670, CVE-2017-15804, CVE-2017-18269, CVE-2018-11236

Mitre: CVE-2017-15670, CVE-2017-15804, CVE-2017-18269, CVE-2018-11236

OSVersionArchitecturePackageVersionFilename
Amazon Linux2i686glibc< 2.26-28.amzn2.0.1glibc-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686libcrypt< 2.26-28.amzn2.0.1libcrypt-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686libcrypt-nss< 2.26-28.amzn2.0.1libcrypt-nss-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-devel< 2.26-28.amzn2.0.1glibc-devel-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-static< 2.26-28.amzn2.0.1glibc-static-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-headers< 2.26-28.amzn2.0.1glibc-headers-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-common< 2.26-28.amzn2.0.1glibc-common-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-locale-source< 2.26-28.amzn2.0.1glibc-locale-source-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-langpack-eo< 2.26-28.amzn2.0.1glibc-langpack-eo-2.26-28.amzn2.0.1.i686.rpm
Amazon Linux2i686glibc-langpack-aa< 2.26-28.amzn2.0.1glibc-langpack-aa-2.26-28.amzn2.0.1.i686.rpm
Rows per page:
1-10 of 4021

Related

nessus 59
altlinux 2
oraclelinux 6
ibm 29
centos 3
openvas 32
mageia 3
redhat 3
suse 4
cve 4
photon 9
f5 4
ubuntucve 4
debiancve 4
prion 4
redhatcve 4
osv 4
fedora 6
veracode 3
amazon 2
cloudfoundry 2
ubuntu 2
archlinux 2
gentoo 1
hackerone 1
oracle 1
nessus
nessus
Amazon Linux 2 : glibc (ALAS-2018-1048)
2018-07-26 00:00:00
OracleVM 3.3 / 3.4 : glibc (OVMSA-2018-0235)
2018-07-03 00:00:00
CentOS 6 : glibc (CESA-2018:1879)
2018-06-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt8.M70P.2
2017-10-27 00:00:00
Security fix for the ALT Linux 9 package glibc version 6:2.25-alt3
2017-10-26 00:00:00
oraclelinux
oraclelinux
glibc security update
2018-06-28 00:00:00
glibc security and bug fix update
2018-06-25 00:00:00
glibc security update
2018-04-18 00:00:00
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a Using Components (glibc) with Known Vulnerabilities vulnerability
2018-12-19 20:40:01
Security Bulletin: Open Source GNU glibc Vulnerabilities affect IBM Netezza Host Management
2019-10-18 03:36:34
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in GNU C Library (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)
2023-12-07 22:45:02
centos
centos
glibc, nscd security update
2018-06-21 11:55:22
glibc, nscd security update
2018-04-26 17:41:43
glibc, nscd security update
2018-11-15 18:45:43
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2017-1268)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2017-1267)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2018-0293)
2022-01-28 00:00:00
mageia
mageia
Updated glibc packages fix security vulnerabilities
2018-06-25 01:02:29
Updated glibc packages fix security vulnerabilities
2017-12-22 13:31:08
Updated glibc packages fix security vulnerabilities
2017-12-28 16:16:56
redhat
redhat
(RHSA-2018:1879) Moderate: glibc security and bug fix update
2018-06-19 02:11:42
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update
2018-04-10 05:01:26
(RHSA-2018:3092) Moderate: glibc security, bug fix, and enhancement update
2018-10-30 04:18:01
suse
suse
Security update for glibc (important)
2018-06-08 00:15:00
Security update for glibc (moderate)
2018-08-01 18:08:08
Security update for glibc (important)
2018-01-12 15:10:02
cve
cve
CVE-2017-18269
2018-05-18 16:29:00
CVE-2017-15670
2017-10-20 17:29:00
CVE-2017-15804
2017-10-22 20:29:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0155
2018-06-29 00:00:00
Critical Photon OS Security Update - PHSA-2017-0082
2017-11-08 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0159
2018-07-10 00:00:00
f5
f5
K13255123 : glibc vulnerability CVE-2017-18269
2018-07-02 00:00:00
K19707805 : glibc vulnerability CVE-2017-15804
2018-03-19 00:00:00
K35129173 : GNU C Library (glibc) vulnerability CVE-2017-15670
2017-11-27 00:00:00
ubuntucve
ubuntucve
CVE-2017-18269
2018-05-18 00:00:00
CVE-2017-15804
2017-10-22 00:00:00
CVE-2017-15670
2017-10-20 00:00:00
debiancve
debiancve
CVE-2017-18269
2018-05-18 16:29:00
CVE-2017-15670
2017-10-20 17:29:00
CVE-2017-15804
2017-10-22 20:29:00
prion
prion
Code injection
2018-05-18 16:29:00
Buffer overflow
2017-10-22 20:29:00
Heap overflow
2017-10-20 17:29:00
redhatcve
redhatcve
CVE-2017-18269
2020-04-08 20:59:28
CVE-2017-15804
2017-10-23 09:19:26
CVE-2017-15670
2017-10-20 17:19:16
osv
osv
CVE-2017-18269
2018-05-18 16:29:00
CVE-2017-15804
2017-10-22 20:29:02
CVE-2017-15670
2017-10-20 17:29:00
fedora
fedora
[SECURITY] Fedora 26 Update: glibc-2.25-13.fc26
2018-01-23 21:22:41
[SECURITY] Fedora 27 Update: glibc-2.26-30.fc27
2018-09-07 15:25:49
[SECURITY] Fedora 27 Update: glibc-2.26-20.fc27
2017-12-19 19:55:45
veracode
veracode
Arbitrary Code Execution
2019-05-16 02:50:42
Arbitrary Code Execution
2019-01-15 09:23:51
Arbitrary Code Execution
2019-05-16 03:18:40
amazon
amazon
Important: glibc
2018-05-10 17:45:00
Medium: glibc
2018-12-06 00:24:00
cloudfoundry
cloudfoundry
USN-3534-1: GNU C Library vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
USN-4416-1: GNU C Library vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2018-01-17 00:00:00
GNU C Library vulnerabilities
2020-07-06 00:00:00
archlinux
archlinux
[ASA-201801-8] lib32-glibc: multiple issues
2018-01-10 00:00:00
[ASA-201801-9] glibc: multiple issues
2018-01-10 00:00:00
gentoo
gentoo
glibc: Multiple vulnerabilities
2018-04-04 00:00:00
hackerone
hackerone
GitLab: Container scanning and Dependency scanning report leaked to unauthorized users
2019-08-19 22:30:30
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.7%

JSON
Related for ALAS2-2018-1048
nessus59altlinux2oraclelinux6ibm29centos3openvas32mageia3redhat3suse4cve4photon9f54ubuntucve4debiancve4prion4redhatcve4osv4fedora6veracode3amazon2cloudfoundry2ubuntu2archlinux2gentoo1hackerone1oracle1