Denial Of Service (DoS)

glibc is vulnerable to denial of service. An invalid free flaw was found in glibc's getaddrinfo function when used with the AIIDN flag. A remote attacker able to make an application call this function could use this flaw to execute arbitrary code with the permissions of the user running the...

Medium: glibc

Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function.CVE-2018-19591 Affected Packages: glibc Note: This adviso...

openSUSE Security Update : keepalived (openSUSE-2018-1575)

This update for keepalived to version 2.0.10 fixes the following issues : Security issues fixed bsc1015141 : - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

openSUSE: Security Advisory for keepalived (openSUSE-SU-2018:4212-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for keepalived (moderate)

This update for keepalived to version 2.0.10 fixes the following issues: Security issues fixed bsc1015141: - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

DEBIAN-CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

Design/Logic Flaw

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

UBUNTU-CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

Summary: CVE-2018-19591 affects the GNU C Library (glibc/libc6). In versions up to 2.28, getaddrinfo() may allocate a socket descriptor for a crafted hostname that is not closed, related to if_nametoindex(). The issue is documented across multiple sources (CVE entry and downstream advisories). Af...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

CVE-2018-19591

In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM MobileFirst Quality Assurance (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM MobileFirst Quality Assurance. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Identity Security Governance (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM Identity Security Governance Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM MQ Appliance (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM MQ Appliance. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nssdns backend for...

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...