70 matches found
CVE-2021-3999
CVE-2021-3999 is a glibc vulnerability: an off-by-one buffer overflow/underflow in getcwd() can corrupt memory when the destination buffer size is 1, enabling a local attacker in a setuid context to potentially escalate privileges. The connected advisories confirm this is a real issue across mult...
CVE-2021-3999
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-1840)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : glibc (EulerOS-SA-2022-1840)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...
EulerOS 2.0 SP9 : glibc (EulerOS-SA-2022-1864)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...
EulerOS 2.0 SP10 : glibc (EulerOS-SA-2022-1827)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...
EulerOS 2.0 SP10 : glibc (EulerOS-SA-2022-1823)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is...
Buffer Overflow
glibc is vulnerable to buffer overflow. The vulnerability exists due to a memory corruption when the size of the buffer is exactly 1 which allows an attacker to control the input buffer and size passed to getcwd in a setuid program...
The vulnerability of the getcwd() function in the system library glibc, which allows a hacker to execute arbitrary code
The vulnerability of the getcwd function in the glibc system library is related to a single-bit offset error. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted application data remotely...
CLSA-2022-1648149189 Fix of CVE: CVE-2021-3999
CVE-2021-3999: single byte buffer overflow and overflow in getcwd...
CLSA-2022-1648147764 Fix of CVE: CVE-2021-3999
CVE-2021-3999: single byte buffer overflow and overflow in getcwd...
Fix of CVE: CVE-2021-3999
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
CLSA-2022-1648138117 Fix of CVE: CVE-2021-3999
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
CLSA-2022-1648138064 Fixed CVE-2021-3999 in glibc
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
Oracle Linux 8 : glibc (ELSA-2022-0896)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0896 advisory. - CVE-2021-3999: getcwd: align stack on clone in aarch64 and fix a memory leak 2032280 - CVE-2022-23218, CVE-2022-23219: Fix buffer overflows in sunrpc...
glibc: Off-by-one buffer overflow/underflow in getcwd()
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...
RHEL 8 : glibc (RHSA-2022:0896)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0896 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...
USN-5310-2 glibc vulnerabilities
USN-5310-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that the GNU C library getcwd function incorrectly handled buffers. An attacker could use this issue to cause the GNU C Library to cras...
USN-5310-1 glibc vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS...
Updated glibc packages fix security vulnerability
Updated glibc packages fix security vulnerability: An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to...