Broadcom Security ResponseBSNSA22350

HistoryAug 01, 2023 - 12:00 a.m.

GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow

2023-08-0100:00:00

Broadcom Security Response

support.broadcom.com

9.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

nessus 39

cve 1

ibm 9

prion 1

redhatcve 1

veracode 1

ubuntucve 1

debiancve 1

cbl_mariner 2

osv 6

oraclelinux 4

openvas 25

photon 6

cloudlinux 1

f5 1

mageia 1

amazon 2

rocky 1

suse 1

almalinux 1

ubuntu 2

redhat 10

redos 1

fedora 2

gentoo 1

ics 3

cloudfoundry 1

debian 1

oracle 4

avleonov 1

nessus

Amazon Linux 2022 : (ALAS2022-2022-130)

2022-09-06 00:00:00

Amazon Linux 2022 : (ALAS2022-2022-197)

2022-11-04 00:00:00

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-060)

2023-03-21 00:00:00

cve

CVE-2022-23219

2022-01-14 07:15:00

ibm

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

2022-04-20 14:05:04

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library (CVE-2022-23219)

2023-01-12 21:59:00

Security Bulletin: IBM MQ Operator and IBM supplied MQ Advanced container images are vulnerable to multiple issues from Red Hat UBI packages and the IBM WebSphere Application Server Liberty

2022-05-16 08:18:44

prion

Buffer overflow

2022-01-14 07:15:00

redhatcve

CVE-2022-23219

2022-01-18 17:53:54

veracode

Denial Of Service (DoS)

2022-04-10 00:42:54

ubuntucve

CVE-2022-23219

2022-01-14 00:00:00

debiancve

CVE-2022-23219

2022-01-14 07:15:00

cbl_mariner

CVE-2022-23219 affecting package glibc 2.34-3

2022-04-26 20:17:01

CVE-2022-23219 affecting package glibc 2.28-24

2022-02-25 01:45:44

osv

CVE-2022-23219

2022-01-14 07:15:08

glibc vulnerabilities

2022-03-07 14:01:17

Moderate: glibc security update

2022-03-15 09:12:12

oraclelinux

glibc security update

2022-05-18 00:00:00

glibc security update

2022-05-20 00:00:00

glibc security update

2022-03-19 00:00:00

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2051)

2022-07-14 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1504)

2022-04-20 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1629)

2022-05-05 00:00:00

photon

Critical Photon OS Security Update - PHSA-2022-0155

2022-02-17 00:00:00

Critical Photon OS Security Update - PHSA-2022-4.0-0155

2022-02-19 00:00:00

Critical Photon OS Security Update - PHSA-2022-0465

2022-01-26 00:00:00

cloudlinux

Fix of CVE: CVE-2022-23218, CVE-2022-23219

2022-02-02 16:15:16

K52308021 : GNU C Library (glibc) vulnerabilities CVE-2022-23218 and CVE-2022-23219

2022-04-29 00:00:00

mageia

Updated glibc packages fix security vulnerabilities

2022-01-23 23:50:05

amazon

Medium: glibc

2022-04-04 23:46:00

Medium: glibc

2022-04-04 23:20:00

rocky

glibc security update

2022-03-15 09:12:12

suse

Security update for glibc (important)

2022-02-04 00:00:00

almalinux

Moderate: glibc security update

2022-03-15 09:12:12

ubuntu

GNU C Library vulnerabilities

2022-03-07 00:00:00

GNU C Library vulnerabilities

2022-03-01 00:00:00

redhat

(RHSA-2022:0896) Moderate: glibc security update

2022-03-15 09:12:12

(RHSA-2022:1039) Important: Red Hat OpenShift GitOps security update

2022-03-23 21:13:24

(RHSA-2022:1747) Low: Release of OpenShift Serverless Version 1.22.0

2022-05-09 12:15:21

redos

ROS-20220323-02

2022-03-23 00:00:00

fedora

[SECURITY] Fedora 35 Update: glibc-2.34-24.fc35

2022-02-04 01:25:20

[SECURITY] Fedora 34 Update: glibc-2.33-21.fc34

2022-02-03 01:12:32

gentoo

GNU C Library: Multiple Vulnerabilities

2022-08-14 00:00:00

ics

Siemens SIMATIC MV500

2023-11-16 12:00:00

Siemens SIMATIC S7-1500 TM MFP BIOS

2023-06-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

cloudfoundry

USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry

2023-05-18 00:00:00

debian

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17 15:54:41

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for BSNSA22350