ROS-2-796

2.796 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

ROS-2-1166

2.1166 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

SUSE: Security Advisory (SUSE-SU-2021:2480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:2480-1 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2021-35942: wordexp: Fixed handle overflow in positional parameter number bsc1187911 - CVE-2016-10228: Rewrite iconv option parsing bsc1027496 Other fixes: - Fixed race in pthreadmutexlock while promoting to...

MGASA-2021-0289 Updated glibc packages fix a security vulnerability

A vulnerability was found in the iconv program provided by glibc when it's invoked with the -c option. It can enter an infinite loop while parsing an invalid multi-byte sequence CVE-2016-10228...

Updated glibc packages fix a security vulnerability

A vulnerability was found in the iconv program provided by glibc when it's invoked with the -c option. It can enter an infinite loop while parsing an invalid multi-byte sequence CVE-2016-10228...

Medium: glibc

Issue Overview: In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. CVE-2019-9169 A flaw was found in glibc. If an attacker provides the iconv function with invalid...

glibc security update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

glibc security, bug fix, and enhancement update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

Denial Of Service (DoS)

glibc is vulnerable to denial of service. An attacker capable of supplying a malicious sequence of characters to an application using iconv to convert from ISO-2022-JP-3 to cause an assertion failure...

RHEL 8 : glibc (RHSA-2021:1585)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1585 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...

glibc: iconv program can hang when invoked with the -c option

The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service...

glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters

A flaw was found in glibc's iconv functionality. This flaw allows an attacker capable of supplying a crafted sequence of characters to an application using iconv to convert from ISO-2022-JP-3 to cause an assertion failure. The highest threat from this vulnerability is to system availability...

glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop

A flaw was found in glibc. If an attacker provides the iconv function with invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, IBM1399 encodings, it fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service...

Moderate: glibc security, bug fix, and enhancement update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

RLSA-2021:1585 Moderate: glibc security, bug fix, and enhancement update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

EulerOS 2.0 SP3 : glibc (EulerOS-SA-2021-1790)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate...

Updated glibc packages fixes security vulnerabilities

Updated glibc packages fix a security vulnerabilities: The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead t...

Medium: glibc

Issue Overview: A flaw was found in glibc's iconv functionality. This flaw allows an attacker capable of supplying a crafted sequence of characters to an application using iconv to convert from ISO-2022-JP-3 to cause an assertion failure. The highest threat from this vulnerability is to system...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1600)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...