4 matches found
Astra Linux – Vulnerability in glibc
Using wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library, from version 2.0 to version 2.42, may cause the interface to return uninitialized memory in the wewordv member. This could lead to the process being aborted upon subsequent calls to wordfree...
SUSE-SU-2026:0680-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 - CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 - CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp...
CLSA-2026-1772186153 glibc: Fix of CVE-2025-15281
CVE-2025-15281: fix wordexp with WRDEREUSE and WRDEAPPEND returning uninitialized pointers in wewordv by resetting wewordc after wordfree...
AZL-74819 CVE-2025-15281 affecting package glibc for versions less than 2.38-18
Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...