1992 matches found
CVE-2026-4046
The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...
CVE-2026-4046 iconv crash due to assertion failure with untrusted input
The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and...
CVE-2026-4046
The CVE-2026-4046 issue affects the iconv() function in glibc up to version 2.43, where input conversion from IBM1390/IBM1399 can trigger an assertion failure and cause remote crashes. Affected component: GNU C Library (glibc). Underlying cause: assertion failure during character-set conversion. ...
GNU C Library 安全漏洞
The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the iconv function, which could crash due to assertion...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-006302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006302 advisory. When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size...
RLSA-2026:4772 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
SUSE CVE-2026-4437
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
CVE-2026-4437
A flaw was found in glibc the GNU C Library. When an application uses the gethostbyaddr or gethostbyaddrr functions with a nsswitch.conf configuration that specifies glibc's DNS backend, a remote attacker can send a specially crafted DNS Domain Name System response. This crafted response can caus...
Advisory ROSA-SA-2026-3251
software: glibc 2.33 AXIS: ROSA-CHROME unaffected versions = glibc-2.33-11.git5f08d1.5 affected versions glibc-2.33-11.git5f08d1.5 CVE-ID: CVE-2026-0915 BDU-ID: 2026-02104 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library system library...
EUVD-2026-13796
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
CVE-2026-4437
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
CVE-2026-4437
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the...
UBUNTU-CVE-2026-4438
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
CVE-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames
Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification...
GNU C Library 安全漏洞
The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contain security vulnerabilities. These vulnerabilities arise from the gethostbyaddr or gethostbyaddrr functions potentially...
GNU C Library 安全漏洞
The GNU C Library is an open-source, free C programming language library published by the GNU community under the LGPL license. Versions of the GNU C Library 2.34 to 2.43 contained security vulnerabilities. These vulnerabilities occurred because the gethostbyaddr or gethostbyaddrr functions might...
Linux Distros Unpatched Vulnerability : CVE-2026-4437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling gethostbyaddr or gethostbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2....
glibc security update
2.28-251.0.4.31 - Forward port of Oracle patches Reviewed-by: Jose E. Marchesi Oracle history: February-24-2026 Cupertino Miranda - 2.28-251.0.4.27 - Fixed orabug 38834066 stpcpy MTE support Reviewed-by: Jose E. Marchesi December-8-2025 Cupertino Miranda - 2.28-251.0.3.27 - Forward port of Oracle...
CLSA-2026-1773827924 glibc: Fix of CVE-2025-15281
CVE-2025-15281: fix process crash in wordexp when attempting to reuse and append to previous expansion results due to uninitialized memory access...
glibc: glibc: Information disclosure via zero-valued network query
A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...