202 matches found
Heap overflow
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15671
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
CVE-2017-15670
CVE-2017-15670 affects glibc (libc6) before 2.27. It is a heap-based buffer overflow in glob.c triggered by processing home directories with the ~ operator followed by a long string. Multiple connected documents confirm the vulnerability class and affected component. Remediation in the disclosed ...
CVE-2017-15671
CVE-2017-15671 applies to the GNU C Library (glibc) glob implementation: when invoked with GLOB_TILDE, memory could fail to be freed during ~ expansion for very long usernames, potentially causing a denial of service via memory leak. Affected: glibc versions before 2.27. The connected documents d...
Design/Logic Flaw
Use-after-free vulnerability in the clntudpcall function in sunrpc/clntudp.c in the GNU C Library aka glibc or libc6 before 2.26 allows remote attackers to have unspecified impact via vectors related to error path...
CVE-2017-12133
CVE-2017-12133 affects the GNU C Library (glibc) prior to 2.26. It is a use-after-free in clntudp_call() in sunrpc/clnt_udp.c that allows remote attackers to potentially impact the target via error-path vectors. Affected products are glibc/libc6 environments prior to 2.26; remediation is to upgra...
CVE-2017-12133
Use-after-free vulnerability in the clntudpcall function in sunrpc/clntudp.c in the GNU C Library aka glibc or libc6 before 2.26 allows remote attackers to have unspecified impact via vectors related to error path...
CVE-2017-12132
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation...
CVE-2017-12132
Summary : CVE-2017-12132 affects the GNU C Library (glibc) DNS stub resolver, enabling off-path DNS spoofing attacks by eliciting large UDP responses when EDNS is enabled. IBM and related advisories reference this GLIBC flaw and tie it to affected IBM hardware/software bundles. What is affected (...
CVE-2017-12132
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation...
CVE-2014-9984
CVE-2014-9984 affects the GNU C Library (glibc) nscd when processing netgroup requests: the internal buffer size is not computed correctly, which can cause an nscd daemon crash or allow code execution as the user running nscd. The vulnerability is tied to glibc versions prior to 2.20. Several adv...
CVE-2017-8804
CVE-2017-8804 affects glibc (libc6) 2.25 and permits denial of service via crafted UDP packets to port 111 due to mishandled failures in xdr_bytes/xdr_string during buffer deserialization. It is related to CVE-2017-8779 (RPC/BIND) which in other sources is described as a memory-exhaustion vulnera...
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the...
CVE-2015-8985
CVE-2015-8985 affects the GNU C Library (glibc). The vulnerability lies in pop_fail_stack, where an assertion failure can be triggered via vectors related to extended regular expression processing, enabling a context-dependent attacker to cause a denial of service (crash) in the affected applicat...
CVE-2015-8983
CVE-2015-8983 describes an Integer overflow in glibc's _IO_wstr_overflow (libio/wstrops.c) prior to version 2.22 that can trigger a heap-based buffer overflow, potentially causing an application crash or arbitrary code execution under certain conditions. Affected: GNU C Library (glibc) before 2.2...
CVE-2015-8984
CVE-2015-8984 affects IBM Cloud Pak for Security (CP4S). The CP4S remediation bulletin confirms CP4S versions 1.8.1.0, 1.8.0.0 and 1.7.2.0 contain the glibc fnmatch out-of-bounds read vulnerability described in the CVE (context-dependent denial-of-service via malformed pattern). The documented fi...
CVE-2015-8982
CVE-2015-8982 maps to an Integer Overflow in glibc’s strxfrm (pre-2.21) that could trigger a stack-based overflow, crash, or possible code execution. In the provided data, affected product is Cloud Pak for Security (CP4S) version 1.8.0.0, 1.8.1.0. Remediation = upgrade to CP4S 1.9.0.0 per IBM gui...
CVE-2016-10228
Summary of CVE-2016-10228 from provided sources: The GNU C Library (glibc) iconv processing can enter an infinite loop and cause a denial of service when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) together with the -c option, processing invalid multi-byte inp...
CVE-2016-5417
CVE-2016-5417 affects GNU C Library (glibc/libc6): memory leak in the __res_vinit function of the IPv6 DNS resolver management code (libresolv) prior to version 2.24 can be exploited remotely to cause denial of service via memory exhaustion. Publicly available connected advisories confirm the iss...