RHEL 7 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

RHEL 5 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

glibc: netgroup cache may terminate daemon on memory allocation failure

A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...

glibc: Out of bounds write in iconv may lead to remote code execution

An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...

glibc: null pointer dereferences after failed netgroup cache insertion

A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...

AlmaLinux 8 : glibc (ALSA-2024:2722)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:2722 advisory. - The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

Oracle Linux 8 : glibc (ELSA-2024-2722)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2722 advisory. 2.28-236.0.1.13 - Forward port of Oracle patches. Reviewed-by: Jose E. Marchesi Tenable has extracted the preceding description block directly from the Oracle...

The vulnerability of the NSCCD server caching daemon in the GNU C Library allows a attacker to cause a service failure.

The vulnerability of the NSCCD daemon, a caching service for system names in the GNU C Library, relates to the assignment of zero pointers. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

The vulnerability of the NSCCD server caching service in the GNU C Library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the NSCCD daemon, a caching service for system names in the GNU C Library, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected...

SUSE: Security Advisory (SUSE-SU-2024:1548-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

glibc: Out of bounds write in iconv may lead to remote code execution

An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...

[SECURITY] Fedora 40 Update: nano-7.2-7.fc40

GNU nano is a small and friendly text editor...

AZL-40288 CVE-2024-33599 affecting package glibc for versions less than 2.38-11

nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was...

CVE-2024-33600

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This...

AZL-40291 CVE-2024-33600 affecting package glibc for versions less than 2.38-11

nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This...

AZL-40316 CVE-2024-33601 affecting package glibc for versions less than 2.35-7

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's nscd netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was...

UBUNTU-CVE-2024-33601

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's nscd netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was...

glibc: Multiple Vulnerabilities

Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...

glibc 安全漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc version 2.15, which stems from a potential stack-based buffer overflow if the fixed-size cache of the Name Service Cache Daemon nscd is exhausted...

Ubuntu: Security Advisory (USN-6762-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...