186 matches found
SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2025:01702-2)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01702-2 advisory. - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen...
Security update for glibc
This update for glibc fixes the following issues: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:01702-2 Security update for glibc
This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317...
SUSE: Security Advisory (SUSE-SU-2025:01702-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:01784-1 Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Other issues fixed: - Multi-threaded application...
Ubuntu: Security Advisory (USN-7541-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-4181-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4181-1] glibc security update
Debian LTS Advisory DLA-4181-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton May 27, 2025 https://wiki.debian.org/LTS Package : glibc Version : 2.31-13+deb11u13 CVE ID : CVE-2025-4802 A flaw was discovered in the dynamic linking support in the GNU C Library, the C...
openSUSE Security Advisory (SUSE-SU-2025:01702-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / etc (SUSE-SU-2025:01702-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01702-1 advisory. - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries...
Slackware: Security Advisory (SSA:2025-140-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2025-0164)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:01702-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317...
Slackware Linux 15.0 aaa_glibc-solibs Vulnerability (SSA:2025-140-01)
The version of aaaglibc-solibs installed on the remote host is prior to 2.33. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-140-01 advisory. New glibc packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description...
CVE-2025-4802
A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LDLIBRARYPATH to determine which library to load, allowing a local attacker to load...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
AZL-61877 CVE-2025-4802 affecting package glibc for versions less than 2.38-14
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...
CVE-2025-4802
creationtimestamp| type| source ---|---|--- 2025-05-16 19:58:38+00:00| seen| https://seclists.org/oss-sec/2025/q2/159 2025-05-16 20:00:55+00:00| seen| https://infosec.exchange/users/andersonc0d3/statuses/114519287707457625 2025-05-16 20:01:05+00:00| seen|...
CVE-2025-4802
Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...