Security update for glibc

This update for glibc fixes the following issues: CVE-2026-0861: memalign: reinstate alignment overflow check bsc1256766 CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822 CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005 CVE-2025-8058: posix: Fix...

SUSE-SU-2026:0896-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2026-0861: memalign: reinstate alignment overflow check bsc1256766 - CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822 - CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005 - CVE-2025-8058: posix: Fix...

SUSE-SU-2026:0680-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr bsc1256822, BZ 33802 - CVE-2025-15281: posix: Reset wordexpt fields with WRDEREUSE bsc1257005, BZ 33814 - CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp...

CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

SUSE CVE-2014-9402

The nssdns implementation of getnetbyname in GNU C Library aka glibc before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service infinite loop by sending a positive answer while a network name is being process...

DEBIAN-CVE-2016-3075

Stack-based buffer overflow in the nssdns implementation of the getnetbyname function in GNU C Library aka glibc before 2.24 allows context-dependent attackers to cause a denial of service stack consumption and application crash via a long name...

USN-2985-2 eglibc, glibc regression

USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to...

glibc: getaddrinfo stack-based buffer overflow

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

glibc: getaddrinfo stack-based buffer overflow

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

UBUNTU-CVE-2015-7547

Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...