SUSE-SU-2026:21317-1 Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issues: - CVE-2026-4046: Fixed assertion failure when converting inputs may be used to remotely crash an application bsc1261209 - Add support for live-patching the gconv modules sitting in glibc-locale-base or glibc-gconv-modules-extra package...

Debian: Security Advisory (DLA-97-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PoC exploit for CVE-2021-4034, a privilege escalation vulnerability in the polkit package. The target product/service is polkit, a Linux system policy kit. The vulnerability class/vector is a privilege escalation vulnerability. The probable entry points are the gconv-modules file and the...

OracleVM 3.3 : glibc (OVMSA-2016-0013) (GHOST)

The remote OracleVM system is missing necessary patches to address critical security updates : - Update fix for CVE-2015-7547 1296028. - Create helper threads with enough stack for POSIX AIO and timers 1301625. - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow 1296028. - Support loadin...

SUSE SLES11 Security Update : glibc (SUSE-SU-2014:1129-1)

This glibc update fixes a critical privilege escalation problem and two additional issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 - bnc836746: Avoid race...

SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0164-1)

glibc has been updated to fix one security issue and several bugs : Security issue fixed : - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, CVE-2012-6656 - Fixed a stack overflow during hosts parsing CVE-2013-4357 Bugs fixed : - don't touch user-controlled stdio locks in forked...

SUSE SLES10 Security Update : glibc (SUSE-SU-2014:1128-1)

This glibc update fixes a critical privilege escalation problem and the following security and non-security issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 -...

SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)

glibc has been updated to fix security issues : - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Fixed a stack overflow during hosts parsing CVE-2013-4357 - Copy filename argument in posixspawnfileactionsaddop...

SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)

glibc has been updated to fix security issues and bugs : - Fix crashes on invalid input in IBM gconv modules. CVE-2014-6040 / CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Avoid infinite loop in nssdns getnetbyname. CVE-2014-9402 - Don't touch user-controlled stdio locks i...

Oracle Linux 6 : glibc (ELSA-2015-0016)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0016 advisory. - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. Tenable has extracted the preceding description block directly from the...

glibc security and bug fix update

2.12-1.149.4 - Fix recursive dlopen 1173469. 2.12-1.149.3 - Fix typo in ressend and resquery rh1172023. 2.12-1.149.2 - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. 2.12-1.149.1 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170121...

[SECURITY] [DLA 97-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u2 CVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2012-6656 Fix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character "0xffff" is specified, then iconv...

DLA-97-1 eglibc - security update

Bulletin has no description...

openSUSE: Security Advisory for glibc (openSUSE-SU-2014:1115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3012-1 : eglibc - security update

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve...