USN-6762-1 eglibc, glibc vulnerabilities

It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9984 It was discovered that GNU C Library might allow context-dependent attackers t...

USN-6762-1: GNU C Library vulnerabilities

It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9984 It was discovered that GNU C Library might allow context-dependent attackers t...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GNU C Library vulnerabilities (USN-6762-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6762-1 advisory. It was discovered that GNU C Library incorrectly handled netgroup requests. An attacker could possibly use this issue to cause a...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

[SECURITY] [DLA 3802-1] org-mode security update

Debian LTS Advisory DLA-3802-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton April 30, 2024 https://wiki.debian.org/LTS Package : org-mode Version : 9.1.14+dfsg-3+deb10u2 CVE ID : CVE-2024-30203 CVE-2024-30204 CVE-2024-30205 Debian Bug : 1067663 Multiple problems...

Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain...

Important: glibc

Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...

USN-6737-2 glibc vulnerability

USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause...

USN-6737-2: GNU C Library vulnerability

USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 LTS. Original advisory details: Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause...

USN-6755-1: GNU cpio vulnerabilities

Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host, even if using the...

Ubuntu 24.04 LTS. : GNU C Library vulnerability (USN-6737-2)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by a vulnerability as referenced in the USN-6737-2 advisory. USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 LTS. Tenable has extracted the preceding...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : GNU cpio vulnerabilities (USN-6755-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6755-1 advisory. Ingo Brckl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a special...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in GNU Binutils [CVE-2022-4285]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in GNU Binutils, caused by a NULL pointer dereference in bfdelfgetsymbolversionstring, resulting in a segmentation fault when parsing ELF files. CVE-2022-4285. GNU Binutils is used in our...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in GNU Binutils [CVE-2022-44840]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in GNU Binutils, caused by a heap-based buffer overflow vulnerability in function findsectioninset in file readelf.c CVE-2022-44840. GNU Binutils is used in our Speech Services runtimes. Thi...

MGASA-2024-0147 Updated glibc packages fix security vulnerability

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...

Updated glibc packages fix security vulnerability

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

ROS-20240425-02

A vulnerability in the GNU Tar archiver is related to improper handling of extension attributes in the PAX archive. Exploitation of the vulnerability could allow an attacker acting remotely to transmit special data to the application and cause a denial of service. special data to the application...

PT-2024-40040 · Gnu · Gmp

Name of the Vulnerable Software and Affected Versions: PHPECC affected versions not specified Description: The issue concerns malleable ECDSA signature attacks. When generating new ECDSA signatures, the use of the GMPMath adapter, which wraps the GNU Multiple Precision arithmetic library GMP,...

glibc 安全漏洞

glibc GNU C Library is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc, which stems from an attempt by addgetnetgrentX to send a non-existent response after a cache insertion failure, which may result in a null pointer dereference that could cause t...