137 matches found
CLSA-2024-1718900000 glibc: Fix of 2 CVEs
CVE-2024-2961: fix buffer overflow issue in iconv function when converting strings to ISO-2022-CN-EXT character set - CVE-2024-33599: fix buffer overflow in netgroup cache...
CLSA-2024-1718898112 glibc: Fix of 3 CVEs
CVE-2024-33600: nscd: avoid null pointer crashes after notfound response - CVE-2024-33601: fix memory allocation issue in netgroup cache by replacing xmalloc and xrealloc functions to prevent denial of service - CVE-2024-33602: fix memory corruption in netgroup cache by ensuring all strings are...
CLSA-2024-1718897210 glibc: Fix of 3 CVEs
CVE-2024-33600: nscd: avoid null pointer crashes after notfound response - CVE-2024-33601: fix memory allocation issue in netgroup cache by replacing xmalloc and xrealloc functions to prevent denial of service - CVE-2024-33602: fix memory corruption in netgroup cache by ensuring all strings are...
CLSA-2024-1718794810 glibc: Fix of 3 CVEs
CVE-2024-33600: nscd: avoid null pointer crashes after notfound response - CVE-2024-33601: fix memory allocation issue in netgroup cache by replacing xmalloc and xrealloc functions to prevent denial of service - CVE-2024-33602: fix memory corruption in netgroup cache by ensuring all strings are...
Oracle Linux 8 : glibc (ELSA-2024-12440)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12440 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34264 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache RHEL-34267 -...
glibc security update
2.28-251.0.2.2 - Forward port of Oracle patches over 2.28-251.2 Reviewed-by: Jose E. Marchesi Oracle history: May-23-2024 Cupertino Miranda - 2.28-251.0.2.1 - Forward port of Oracle patches over 2.28-251.1 Reviewed-by: Jose E. Marchesi May-22-2024 Cupertino Miranda - 2.28-251.0.2 - Forward port o...
Rocky Linux 8 : glibc (RLSA-2024:3344)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3344 advisory. glibc: stack-based buffer overflow in netgroup cache CVE-2024-33599 glibc: null pointer dereferences after failed netgroup cache insertion CVE-2024-3360...
Rocky Linux 9 : glibc (RLSA-2024:3339)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3339 advisory. glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT CVE-2024-2961 glibc: stack-based buffer overflow in netgroup cache CVE-2024-33599 glib...
CLSA-2024-1718023873 glibc: Fix of 2 CVEs
CVE-2024-2961: Fix buffer overflow issue in iconv function when converting strings to ISO-2022-CN-EXT character set - CVE-2024-33599: Fix buffer overflow in netgroup cache...
Oracle Linux 7 : glibc (ELSA-2024-3588)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3588 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34263 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache -...
glibc security update
2.17-326.3 - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi 2.17-326.3 - nscd: Fix timeout type in netgroup cache RHEL-34263 2.17-326.2 - nscd: Do not use sendfile for the netgroup cache - nscd: Use-after-free in netgroup cache - CVE-2024-33599: nscd: buffer overflow in...
glibc: netgroup cache may terminate daemon on memory allocation failure
A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...
glibc: stack-based buffer overflow in netgroup cache
A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity...
glibc: netgroup cache assumes NSS callback uses in-buffer strings
A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...
glibc: null pointer dereferences after failed netgroup cache insertion
A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...
Important: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
glibc: netgroup cache may terminate daemon on memory allocation failure
A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...
glibc: stack-based buffer overflow in netgroup cache
A stack-based buffer overflow flaw was found in the glibc netgroup cache. In certain conditions, its possible to trigger a stack-based buffer overflow condition that can lead to a denial of service and potentially other malicious actions that impact confidentiality and integrity...
glibc: netgroup cache assumes NSS callback uses in-buffer strings
A flaw was found in the glibc netgroup cache. The buffer-resizing code in addgetnetgrentX assumes that all string pointers point into the supplied buffer. This can potentially lead to memory corruption and cause a crash...
glibc: null pointer dereferences after failed netgroup cache insertion
A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...