UBUNTU-CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

VulnCheck KEV: CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd in a setuid program could use this flaw to potentially execute...

glibc 安全漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc that originates from an Off-by-one buffer overflow underflow in glibc: getcwd...

glibc 缓冲区错误漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc that originates from an Off-by-one buffer overflow underflow in glibc: getcwd...

NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has glibc packages installed that are affected by multiple vulnerabilities: - The idnatoascii4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via 6...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

Arbitrary Code Execution

glibc is vulnerable to arbitrary code execution. A local authenticated attacker could write before the destination buffer leading to a buffer underflow and potential code execution due to a confusion in the usage of getcwd by realpath. Affected is the function realpath in the library...

EulerOS Virtualization 2.5.0 : glibc (EulerOS-SA-2018-1239)

According to the version of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination...

The vulnerability of the getcwd and realpath functions in libraries that provide system calls and the core glibc functions allows a hacker to execute arbitrary code.

The vulnerability of the getcwd and realpath functions in libraries that provide system calls and the main glibc functions arises from operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted SU...

EulerOS 2.0 SP1 : glibc (EulerOS-SA-2018-1047)

According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to ...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

DEBIAN-CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

Type confusion

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

Libc Realpath缓冲区下溢漏洞(CVE-2018-1000001)

Introduction The vulnerability described here is caused by Linux kernel behaviour change in the syscall API returning relative pathnames in getcwd and non-defensive function implementation in libc failing to process that pathname correctly. Other libraries are very likely to be affected as well. ...

Fedora 26 : glibc (2018-8e27ad96ed)

This update addresses two security vulnerabilities : - CVE-2017-15670, CVE-2017-15671, CVE-2017-15804: Various vulnerabilities could lead to memory corruption in the glob and glob64 function. RHBZ1505298, RHBZ1504807 - CVE-2017-16997: Check for empty tokens before dynamic string token expansion i...