2 matches found
AZL-55965 CVE-2025-0395 affecting package glibc for versions less than 2.38-11
When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...
AZL-34732 CVE-2023-4527 affecting package glibc for versions less than 2.38-11
A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...