Astra Linux - уязвимость в glibc

The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library also known as glibc from versions up to 2.34 copies its hostname argument onto the stack without validating its length. This may lead to a buffer overflow, potentially causing a denial of service or, if the...

ROS-20260112-7336

A vulnerability in the svctcplistendataready function in the net/sunrpc/svcsock.c module of the Linux kernel's RPC Remote Procedure Call protocol implementation is related to the reuse of previously freed memory due to competitive access to a resource race condition. Exploitation of the...

EUVD-2022-28308

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to ensure that cache entries are active before the cacheshow function is called in the SUNRPC module,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the sunrpc module caused by the sunrpc kernel tcp socket...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the sunrpc module caused by the sunrpc kernel tcp socket...

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2022-23219]

Summary Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-23219 Vulnerability Details CVEID:CVE-2022-23219 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the net, sunrpc module in the xstcpsetupsocket, where the BPF program may return -EPERM if the connection...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a faulty loop termination condition in the SUNRPC module gssfreeintokenpages...

PT-2024-4107

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc6+ Description The vulnerability is related to the SUNRPC module in the Linux kernel, specifically with the TCP TLS functionality. A missing rpc stat for TCP TLS can cause a kernel NULL pointer dereferenc...

kernel: net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()

A flaw was found in the sunrpc module in the Linux kernel. A missing decrement of the reference count when an error occurs can cause a memory leak, and a missing check can cause a NULL pointer dereference, potentially resulting in a denial of service...

EulerOS Virtualization 2.10.1 : glibc (EulerOS-SA-2022-2051)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its pa...

Denial Of Service (DoS)

Red Hat Product Security has rated this issue as having Moderate security impact and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 6 and 7, hence, marked as Out-of-Support-Scope. For additional information, refer to the Issue Severity...

USN-5310-1 glibc vulnerabilities

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS...

CLSA-2022-1645700784 Fix of CVE: CVE-2022-23219, CVE-2022-23218

CVE-2022-23218: stack buffer overflow in sunrpc module results in DoS - CVE-2022-23219: stack buffer overflow in sunrpc module results in DoS...

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length which may result in a buffer overflow potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

...

AZL-7533 CVE-2022-23219 affecting package glibc for versions less than 2.35-1

The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or if an application is no...

DEBIAN-CVE-2022-23218

The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or if an application is not...

CVE-2022-23218

The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or if an application is not...

UBUNTU-CVE-2022-23219

The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or if an application is no...