glibc: Off-by-one buffer overflow/underflow in getcwd()

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

USN-5310-2 glibc vulnerabilities

USN-5310-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the GNU C library getcwd function incorrectly handled buffers. An attacker could use this issue to cause the GNU C Library to cras...

glibc 缓冲区错误漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc that originates from an Off-by-one buffer overflow underflow in glibc: getcwd...

DEBIAN-CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...