Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc: Ou...

AZL-40316 CVE-2024-33601 affecting package glibc for versions less than 2.35-7

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's nscd netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was...

CVE-2024-25391

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2...

CVE-2024-25391

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2...

CVE-2024-25391

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2...

CVE-2024-25391

CVE-2024-25391 affects RT-Thread RTOS up to version 5.0.2, with a stack-based buffer overflow in libc/posix/ipc/mqueue.c. The CVE description from multiple sources confirms the issue is a stack overflow in that file, reported as a local-attack surface with high impact (confidentiality/integrity/a...

Medium: virtuoso-opensource

Issue Overview: An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements. CVE-2023-31607 An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Deni...

CVE-2023-5941

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the sflush stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write2 system call returns an error. Depending on the...

Heap overflow

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the sflush stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write2 system call returns an error. Depending on the...

CVE-2023-5941 libc stdio buffer overflow

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the sflush stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write2 system call returns an error. Depending on the...

CVE-2023-5941

CVE-2023-5941 affects FreeBSD: libc stdio __sflush() may heap-buffer overflow on write(2) errors for line-buffered streams, impacting 12.4-RELEASE before 12.4-p7 and 13.2-RELEASE before 13.2-p5. Consequence is data corruption or arbitrary code execution at the attacker’s privileges depending on a...

FreeBSD-SA-23:15.stdio

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:15.libc Security Advisory The FreeBSD Project Topic: libc stdio buffer overflow Category: core Module: libc Announced: 2023-11-07 Credits: inooo All supporte...

FreeBSD : FreeBSD -- libc stdio buffer overflow (5afcc9a4-7e04-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5afcc9a4-7e04-11ee-8e38-002590c1f29c advisory. - In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to...

FreeBSD -- libc stdio buffer overflow

Problem Description: For line-buffered streams the sflush function did not correctly update the FILE object's write space member when the write2 system call returns an error. Impact: Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned fr...

PT-2023-6926 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 12.4-RELEASE prior to 12.4-RELEASE-p7 FreeBSD versions 13.2-RELEASE prior to 13.2-RELEASE-p5 Description: The sflush stdio function in libc does not correctly update FILE objects' write space members for write-buffered stream...

Denial Of Service (DoS)

wabt is vulnerable to Denial of Service DoS. The vulnerability occurs when putting @ before a quote " which allows a malicious attacker to cause a libc++abi.dylib crash...

About the security content of iOS 16.7.2 and iPadOS 16.7.2

About the security content of iOS 16.7.2 and iPadOS 16.7.2 This document describes the security content of iOS 16.7.2 and iPadOS 16.7.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

About the security content of macOS Monterey 12.7.1

About the security content of macOS Monterey 12.7.1 This document describes the security content of macOS Monterey 12.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

RLSA-2023:5455 Important: glibc security update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...

Important: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...