Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5310-1.NASL
HistoryMar 01, 2022 - 12:00 a.m.

Ubuntu 18.04 LTS / 20.04 LTS : GNU C Library vulnerabilities (USN-5310-1)

2022-03-0100:00:00
Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5310-1 advisory.

  • The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service. (CVE-2016-10228)

  • The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi- byte input sequences in the EUC-KR encoding, may have a buffer over-read. (CVE-2019-25013)

  • An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the ‘num’ parameter results in a signed comparison vulnerability. If an attacker underflows the ‘num’ parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out- of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred.
    The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data. (CVE-2020-6096)

  • The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228. (CVE-2020-27618)

  • The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. (CVE-2020-29562)

  • The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. (CVE-2021-3326)

  • The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
    (CVE-2021-27645)

  • The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. (CVE-2021-35942)

  • The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. (CVE-2022-23218)

  • The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. (CVE-2022-23219)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5310-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(158502);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/16");

  script_cve_id(
    "CVE-2016-10228",
    "CVE-2019-25013",
    "CVE-2020-6096",
    "CVE-2020-27618",
    "CVE-2020-29562",
    "CVE-2021-3326",
    "CVE-2021-3998",
    "CVE-2021-3999",
    "CVE-2021-27645",
    "CVE-2021-35942",
    "CVE-2022-23218",
    "CVE-2022-23219"
  );
  script_xref(name:"USN", value:"5310-1");

  script_name(english:"Ubuntu 18.04 LTS / 20.04 LTS : GNU C Library vulnerabilities (USN-5310-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple
vulnerabilities as referenced in the USN-5310-1 advisory.

  - The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple
    suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite
    loop when processing invalid multi-byte input sequences, leading to a denial of service. (CVE-2016-10228)

  - The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-
    byte input sequences in the EUC-KR encoding, may have a buffer over-read. (CVE-2019-25013)

  - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc
    2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative
    value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the
    'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-
    of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows
    for program execution to continue in scenarios where a segmentation fault or crash should have occurred.
    The dangers occur in that subsequent execution and iterations of this code will be executed with this
    corrupted data. (CVE-2020-6096)

  - The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid
    multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance
    the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a
    different vulnerability from CVE-2016-10228. (CVE-2020-27618)

  - The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text
    containing an irreversible character, fails an assertion in the code path and aborts the program,
    potentially resulting in a denial of service. (CVE-2020-29562)

  - The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid
    input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program,
    potentially resulting in a denial of service. (CVE-2021-3326)

  - The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when
    processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in
    degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
    (CVE-2021-27645)

  - The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in
    parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in
    a denial of service or disclosure of information. This occurs because atoi was used but strtoul should
    have been used to ensure correct calculations. (CVE-2021-35942)

  - The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc)
    through 2.34 copies its path argument on the stack without validating its length, which may result in a
    buffer overflow, potentially resulting in a denial of service or (if an application is not built with a
    stack protector enabled) arbitrary code execution. (CVE-2022-23218)

  - The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc)
    through 2.34 copies its hostname argument on the stack without validating its length, which may result in
    a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a
    stack protector enabled) arbitrary code execution. (CVE-2022-23219)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5310-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-23219");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/03/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:glibc-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc-dev-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-armel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev-armel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev-i386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev-s390");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-dev-x32");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-i386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-lse");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-pic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-prof");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-s390");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6-x32");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:locales");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:locales-all");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:multiarch-support");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nscd");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '18.04', 'pkgname': 'glibc-source', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc-bin', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc-dev-bin', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-amd64', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-armel', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev-amd64', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev-armel', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev-i386', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev-s390', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-dev-x32', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-i386', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-lse', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-pic', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-s390', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'libc6-x32', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'locales', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'locales-all', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'multiarch-support', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '18.04', 'pkgname': 'nscd', 'pkgver': '2.27-3ubuntu1.5'},
    {'osver': '20.04', 'pkgname': 'glibc-source', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc-bin', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc-dev-bin', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-amd64', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-armel', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev-amd64', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev-armel', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev-i386', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev-s390', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-dev-x32', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-i386', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-lse', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-pic', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-prof', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-s390', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'libc6-x32', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'locales', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'locales-all', 'pkgver': '2.31-0ubuntu9.7'},
    {'osver': '20.04', 'pkgname': 'nscd', 'pkgver': '2.31-0ubuntu9.7'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'glibc-source / libc-bin / libc-dev-bin / libc6 / libc6-amd64 / etc');
}
VendorProductVersionCPE
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linux20.04cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonicalubuntu_linuxglibc-sourcep-cpe:/a:canonical:ubuntu_linux:glibc-source
canonicalubuntu_linuxlibc-binp-cpe:/a:canonical:ubuntu_linux:libc-bin
canonicalubuntu_linuxlibc-dev-binp-cpe:/a:canonical:ubuntu_linux:libc-dev-bin
canonicalubuntu_linuxlibc6p-cpe:/a:canonical:ubuntu_linux:libc6
canonicalubuntu_linuxlibc6-amd64p-cpe:/a:canonical:ubuntu_linux:libc6-amd64
canonicalubuntu_linuxlibc6-armelp-cpe:/a:canonical:ubuntu_linux:libc6-armel
canonicalubuntu_linuxlibc6-devp-cpe:/a:canonical:ubuntu_linux:libc6-dev
canonicalubuntu_linuxlibc6-dev-amd64p-cpe:/a:canonical:ubuntu_linux:libc6-dev-amd64
Rows per page:
1-10 of 241

Related

cloudfoundry 1
ubuntu 4
osv 15
nessus 88
debian 1
archlinux 2
fedora 4
amazon 3
redos 2
gentoo 3
altlinux 1
oraclelinux 9
almalinux 3
suse 3
mageia 5
rocky 3
redhat 3
photon 8
ubuntucve 4
f5 5
cve 4
prion 4
debiancve 6
cloudlinux 1
ibm 7
redhatcve 5
openvas 2
cbl_mariner 2
veracode 1
cloudfoundry
cloudfoundry
USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry
2023-05-18 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2022-03-01 00:00:00
GNU C Library vulnerabilities
2022-03-07 00:00:00
GNU C Library vulnerabilities
2022-12-08 00:00:00
osv
osv
glibc vulnerabilities
2022-03-01 15:09:40
glibc - security update
2022-10-17 00:00:00
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
nessus
nessus
NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2022-0085)
2022-11-14 00:00:00
Amazon Linux 2 : glibc (ALAS-2021-1605)
2021-02-19 00:00:00
Debian DLA-3152-1 : glibc - LTS security update
2022-10-23 00:00:00
debian
debian
[SECURITY] [DLA 3152-1] glibc security update
2022-10-17 15:54:41
archlinux
archlinux
[ASA-202102-16] lib32-glibc: denial of service
2021-02-07 00:00:00
[ASA-202102-17] glibc: denial of service
2021-02-07 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: glibc-2.31-5.fc32
2021-01-20 01:28:29
[SECURITY] Fedora 35 Update: glibc-2.34-24.fc35
2022-02-04 01:25:20
[SECURITY] Fedora 34 Update: glibc-2.33-21.fc34
2022-02-03 01:12:32
amazon
amazon
Important: glibc
2021-02-19 01:17:00
Medium: glibc
2022-04-04 23:46:00
Medium: glibc
2022-04-04 23:20:00
redos
redos
ROS-20220323-02
2022-03-23 00:00:00
ROS-20231020-10
2023-10-20 00:00:00
gentoo
gentoo
GNU C Library: Multiple Vulnerabilities
2022-08-14 00:00:00
glibc: Multiple vulnerabilities
2021-07-06 00:00:00
glibc: Multiple vulnerabilities
2021-01-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.27-alt14
2021-09-23 00:00:00
oraclelinux
oraclelinux
glibc security update
2021-07-02 00:00:00
glibc security update
2022-03-16 00:00:00
glibc security, bug fix, and enhancement update
2021-05-25 00:00:00
almalinux
almalinux
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
Moderate: glibc security update
2022-03-15 09:12:12
Moderate: glibc security, bug fix, and enhancement update
2021-11-09 09:08:59
suse
suse
Security update for glibc (important)
2021-02-28 00:00:00
Security update for glibc (important)
2022-02-04 00:00:00
Security update for glibc (moderate)
2021-12-10 00:00:00
mageia
mageia
Updated glibc packages fixes security vulnerabilities
2021-03-21 13:43:43
Updated glibc packages fix security vulnerability
2021-01-24 03:36:09
Updated glibc packages fix security vulnerabilities
2022-01-23 23:50:05
rocky
rocky
glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
glibc security update
2022-03-15 09:12:12
glibc security, bug fix, and enhancement update
2021-11-09 09:08:59
redhat
redhat
(RHSA-2021:1585) Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
(RHSA-2022:0896) Moderate: glibc security update
2022-03-15 09:12:12
(RHSA-2021:4358) Moderate: glibc security, bug fix, and enhancement update
2021-11-09 09:08:59
photon
photon
Important Photon OS Security Update - PHSA-2021-0005
2021-03-16 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0005
2021-03-16 00:00:00
Critical Photon OS Security Update - PHSA-2022-0155
2022-02-17 00:00:00
ubuntucve
ubuntucve
CVE-2020-27618
2021-02-26 00:00:00
CVE-2020-29562
2020-12-04 00:00:00
CVE-2016-10228
2017-03-02 00:00:00
f5
f5
K08641512 : glibc vulnerability CVE-2020-27618
2021-07-13 00:00:00
K52308021 : GNU C Library (glibc) vulnerabilities CVE-2022-23218 and CVE-2022-23219
2022-04-29 00:00:00
K16346064 : glibc vulnerability CVE-2020-29562
2021-01-19 00:00:00
cve
cve
CVE-2020-27618
2021-02-26 23:15:00
CVE-2020-29562
2020-12-04 07:15:00
CVE-2016-10228
2017-03-02 01:59:00
prion
prion
Input validation
2021-02-26 23:15:00
Input validation
2017-03-02 01:59:00
Code injection
2020-12-04 07:15:00
debiancve
debiancve
CVE-2020-27618
2021-02-26 23:15:00
CVE-2016-10228
2017-03-02 01:59:00
CVE-2020-29562
2020-12-04 07:15:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-23218, CVE-2022-23219
2022-02-02 16:15:16
ibm
ibm
Security Bulletin: IBM MQ Operator and IBM supplied MQ Advanced container images are vulnerable to multiple issues from Red Hat UBI packages and the IBM WebSphere Application Server Liberty
2022-05-16 08:18:44
Security Bulletin: Vulnerability in glibc affects Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2016-10228)
2019-01-31 02:25:02
Security Bulletin: A vulnerability in glibc impacts IBM Watson™ Speech Services
2021-08-09 14:37:14
redhatcve
redhatcve
CVE-2016-10228
2017-03-02 09:18:08
CVE-2020-29562
2020-12-07 18:59:25
CVE-2020-27618
2020-11-02 12:26:42
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1648)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1703)
2020-01-23 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27618 affecting package glibc 2.28-24
2021-05-06 23:56:55
CVE-2022-23218 affecting package glibc 2.28-24
2022-02-25 01:45:44
veracode
veracode
Denial Of Service (DoS)
2021-11-17 22:36:14
JSON
Related for UBUNTU_USN-5310-1.NASL
cloudfoundry1ubuntu4osv15nessus88debian1archlinux2fedora4amazon3redos2gentoo3altlinux1oraclelinux9almalinux3suse3mageia5rocky3redhat3photon8ubuntucve4f55cve4prion4debiancve6cloudlinux1ibm7redhatcve5openvas2cbl_mariner2veracode1