USN-7634-1 glibc vulnerabilities

It was discovered that the GNU C Library incorrectly handled the strcmp implementation optimized for Power10 processors. This could cause applications to crash, compute wrong results, or leak confidential information. CVE-2025-5702 It was discovered that the GNU C Library incorrectly handled the...

SUSE CVE-2025-5745

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

DEBIAN-CVE-2025-5745

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

UBUNTU-CVE-2025-5745

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

CVE-2025-5745

The strncmp implementation optimized for the Power10 processor in the GNU C Library version 2.40 and later writes to vector registers v20 to v31 without saving contents from the caller those registers are defined as non-volatile registers by the powerpc64le ABI, resulting in overwriting of its...

PT-2025-23974 · Unknown +2 · Gnu C Library +2

Name of the Vulnerable Software and Affected Versions: GNU C Library versions 2.40 and later Description: The issue arises from the strncmp implementation optimized for the Power10 processor, which writes to vector registers v20 to v31 without saving the contents from the caller. This can lead to...

DEBIAN-CVE-2025-21772

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use putdevsector, since the preceding readpartsector succeeded. - If the partition table clai...

UBUNTU-CVE-2025-21772

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use putdevsector, since the preceding readpartsector succeeded. - If the partition table clai...

CLSA-2023-1698949430 Fix CVE(s): CVE-2023-31122

SECURITY UPDATE: modmacro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in modmacro - CVE-2023-31122...

CLSA-2023-1698949348 Fix CVE(s): CVE-2023-31122

SECURITY UPDATE: modmacro buffer over-read - debian/patches/CVE-2023-31122.patch: use our own strncmp function in modmacro - CVE-2023-31122...

CLSA-2023-1698949146 httpd: Fix of CVE-2023-31122

CVE-2023-31122: modmacro: fix out-of-bounds read vulnerability by using own strncmp function...

SUSE-SU-2023:1718-2 Security update for glibc

This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-0687: Fix allocated buffer overflow in gmon bsc1207975 Other issues fixed: - Fix avx2 strncmp offset compare condition check bsc1208358 - elf: Allow dlopen of filter object to work bsc1207571 - powerpc: Fix...

SUSE-SU-2023:1718-1 Security update for glibc

This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-0687: Fix allocated buffer overflow in gmon bsc1207975 Other issues fixed: - Fix avx2 strncmp offset compare condition check bsc1208358 - elf: Allow dlopen of filter object to work bsc1207571 - powerpc: Fix...

Pengutronix barebox 信息泄露漏洞

Pengutronix barebox is a bootloader used in embedded Linux systems. A security vulnerability exists in barebox that stems from common password. in Pengutronix barebox through 2021.07.0 leaks time information because strncmp is used during hash comparison...

glibc security update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 3 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintnamesparc3.c - dtprintinfo on Solaris 10...

Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow (PoC)

''' Title: Dassault Syst�mes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 & Windows XP...

Fedora 18 : nbd-3.5-1.fc18 (2013-22607)

Add systemd support for nbd-server. Use strcmp rather than strncmp for CVE-2013-6410. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 13 : glibc-2.12.1-3 (2010-16594)

Fix strstr and memmem algorithm BZ12092, 641124 - Fix handling of tail bytes of buffer in SSE2/SSSE3 x86-64 version strncmp BZ12077 - Never expand $ORIGIN in privileged programs 643306, CVE-2010-3847 Note that Tenable Network Security has extracted the preceding description block directly from...

MDKA-2006:037 : glibc

Updated glibc packages are being provided to ensure that kernel and user-space tools are in sync. This update also fixes a bug present on x8664 platforms where strncmp is mis-optimized. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a...