4 matches found
UBUNTU-CVE-2021-45707
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups...
UBUNTU-CVE-2015-0283
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service infinite loop and CPU consumption via a request for a 1 group with a large number of members or 2 user that belongs to a large number o...
ipa: memory corruption when using get_user_grouplist()
It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash...
DEBIAN-CVE-2003-0689
The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...