CVE-2018-14939

CVE-2018-14939 concerns LibreOffice up to 6.0.5 where the get_app_path function in desktop/unx/source/start.c mishandles realpath on certain environments (e.g., FreeBSD libc). This could allow a remote-triggered denial of service through a buffer overflow and application crash when LibreOffice is...

CVE-2018-14939

The getapppath function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impac...

CVE-2018-14338

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

Medium: glibc

Issue Overview: stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary...

Buffer overflow

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

PYSEC-2018-134

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

DEBIAN-CVE-2018-14338

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

PYSEC-2018-134

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

CVE-2018-14338

The CVE-2018-14338 issue affects Exiv2 (example code: samples/geotag.cpp) in the 0.26 release. The root cause is misuse of the realpath function on POSIX platforms (excluding Apple), where glibc is not used, which could lead to a buffer overflow. Public references in vendor advisories/NVD entries...

CVE-2018-14338

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms other than Apple platforms where glibc is not used, possibly leading to a buffer overflow...

Fedora 27 : glibc (2018-9c88c32d15)

This updates contains various updates from the upstream glibc 2.26 release branch, including minor fixes for the realpath function and the i386 memmove implementation. Starting with this update, glibc will no longer re-exec systemd during glibc updates RHBZ1579225. Note that Tenable Network...

CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

DEBIAN-CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

UBUNTU-CVE-2018-11236

stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution...

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

EulerOS 2.0 SP1 : glibc (EulerOS-SA-2018-1047)

According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to ...

PT-2018-2775 · Gnu +5 · Glibc +5

Name of the Vulnerable Software and Affected Versions: glibc versions 2.27 and earlier Description: The issue is caused by an integer overflow in the mempcpy function of the glibc library, which provides system calls and basic functions. This overflow can occur when processing very long pathname...

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

DEBIAN-CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...