OpenBSD Local Privilege Escalation Vulnerability (CVE-2019-19726)

Qualys Research Labs discovered a local privilege escalation vulnerability in OpenBSD's dynamic loader. The vulnerability could allow local users or malicious software to gain full root privileges. OpenBSD developers have confirmed the vulnerability and released security patches in less than 3...

Qualys Security Advisory - OpenBSD Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

The vulnerability of the dynamic loader ld.so, which is responsible for system calls and core functions of glibc, allows a attacker to trigger a memory corruption.

The vulnerability of the dynamic loader ld.so, which provides system calls and core functions of the glibc library, is related to resource management errors. Exploiting this vulnerability allows an attacker to trigger a memory leak by using the environment variable LDHWCAPMASK...

Ubuntu: Security Advisory (USN-3534-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow

Qualys Security Advisory Buffer overflow in glibc's ld.so ======================================================================== Contents ======================================================================== Summary Memory Leak Buffer Overflow Exploitation Acknowledgments...

PT-2017-3532

Name of the Vulnerable Software and Affected Versions: glibc version 2.1.1 Description: The issue is related to a memory leak in glibc that can be triggered and amplified through the LD HWCAP MASK environment variable. It is associated with errors in resource management in the dynamic loader ld.s...

EulerOS 2.0 SP2 : glibc (EulerOS-SA-2017-1200)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to cra...

EulerOS 2.0 SP1 : glibc (EulerOS-SA-2017-1199)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to cra...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20170801)

Security Fixes : - A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. CVE-2014-9761 - It was found that out-of-range time values passed to the strftime functio...

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

The vulnerability of the library that handles system calls and core functions, glibc, allows a attacker to execute arbitrary code.

The vulnerability of the elfgetdynamicinfo function in the elf/dynamic-link.h file of the ld.so library, which provides system calls and core functions, is related to integer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely using a specially crafted EL...

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2016:0175 Updated glibc packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base...

Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20160216)

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20160216)

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

RedHat Update for glibc RHSA-2016:0175-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : glibc (RHSA-2016:0175)

Updated glibc packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

SUSE-SU-2016:0472-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses bsc961721 - CVE-2015-8777: Insufficient checking of LDPOINTERGUARD environment...

Critical: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Critical: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...