Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-4768-1
HistoryMar 15, 2021 - 12:00 a.m.

musl vulnerabilities

2021-03-1500:00:00
ubuntu.com
32

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON

Releases

  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • musl - standard C library

Details

It was discovered that musl did not properly handle kernel syscalls. An
attacker could use this vulnerability to cause a denial of service (crash)
or possibly execute arbitrary code. (CVE-2018-1000001)

It was discovered that musl did not properly handle the parsing of DNS
response codes. A remote attacker could use this vulnerability to cause
resource consumption (infinite loop), denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 14.04 ESM.
(CVE-2014-3484)

It was discovered that musl did not properly handle the parsing of DNS
response codes. A remote attacker could use this vulnerability to cause
resource consumption (infinite loop), denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 ESM.
(CVE-2017-15650)

It was discovered that musl did not properly handle the parsing of ipv6
addresses. An attacker could use this vulnerability to cause a denial of
service (crash) or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 ESM. (CVE-2015-1817)

It was discovered that TRE library, used by musl, did not properly handle
certain inputs. An attacker could use this vulnerability to cause a denial of
service (crash). (CVE-2016-8859)

OSVersionArchitecturePackageVersionFilename
Ubuntu16.04noarchmusl<ย 1.1.9-1ubuntu0.1~esm2UNKNOWN
Ubuntu16.04noarchmusl<ย 1.1.9-1UNKNOWN
Ubuntu16.04noarchmusl-dev<ย 1.1.9-1UNKNOWN
Ubuntu16.04noarchmusl-tools<ย 1.1.9-1UNKNOWN
Ubuntu14.04noarchmusl<ย 0.9.15-1ubuntu0.1~esm1UNKNOWN
Ubuntu14.04noarchmusl<ย 0.9.15-1UNKNOWN
Ubuntu14.04noarchmusl-dev<ย 0.9.15-1UNKNOWN
Ubuntu14.04noarchmusl-tools<ย 0.9.15-1UNKNOWN

Related

nessus 37
openvas 31
osv 5
veracode 2
alpinelinux 2
gentoo 3
prion 5
debiancve 5
archlinux 4
ubuntucve 5
debian 1
cve 5
mageia 4
securityvulns 1
fedora 9
suse 9
redhatcve 1
f5 1
packetstorm 2
altlinux 1
photon 4
metasploit 1
seebug 1
attackerkb 1
ubuntu 2
exploitdb 1
ibm 10
centos 1
amazon 1
redhat 1
oraclelinux 2
cloudfoundry 1
hackerone 1
nessus
nessus
Ubuntu 16.04 ESM : musl vulnerabilities (USN-4768-1)
2023-10-20 00:00:00
Debian DLA-687-1 : tre security update
2016-10-28 00:00:00
GLSA-202007-43 : TRE: Multiple vulnerabilities
2020-07-27 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4768-1)
2023-01-27 00:00:00
Debian: Security Advisory (DLA-687-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0262)
2022-01-28 00:00:00
osv
osv
musl vulnerabilities
2021-03-15 20:10:13
CVE-2017-15650
2017-10-19 23:29:00
tre - security update
2016-10-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-05-10 23:23:59
Arbitrary Code Execution
2019-05-16 02:50:43
alpinelinux
alpinelinux
CVE-2016-8859
2017-02-13 18:59:00
CVE-2017-15650
2017-10-19 23:29:00
gentoo
gentoo
TRE: Multiple vulnerabilities
2020-07-27 00:00:00
musl: Integer overflow
2017-01-02 00:00:00
glibc: Multiple vulnerabilities
2018-04-04 00:00:00
prion
prion
Buffer overflow
2017-10-19 23:29:00
Integer overflow
2017-02-13 18:59:00
Stack overflow
2020-02-20 04:15:00
debiancve
debiancve
CVE-2017-15650
2017-10-19 23:29:00
CVE-2014-3484
2020-02-20 04:15:00
CVE-2016-8859
2017-02-13 18:59:00
archlinux
archlinux
[ASA-201710-28] musl: arbitrary code execution
2017-10-21 00:00:00
musl: arbitrary code execution
2015-03-31 00:00:00
[ASA-201801-18] glibc: privilege escalation
2018-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2017-15650
2017-10-19 00:00:00
CVE-2014-3484
2020-02-20 00:00:00
CVE-2016-8859
2017-02-13 00:00:00
debian
debian
[SECURITY] [DLA 687-1] tre security update
2016-10-27 20:09:34
cve
cve
CVE-2017-15650
2017-10-19 23:29:00
CVE-2016-8859
2017-02-13 18:59:00
CVE-2014-3484
2020-02-20 04:15:00
mageia
mageia
Updated musl package fixes CVE-2014-3484
2014-06-18 21:55:16
Updated tre packages fix security vulnerability
2016-11-22 01:18:01
Updated glibc packages fix security vulnerabilities
2018-01-25 15:47:25
securityvulns
securityvulns
musl-libc buffer overflow
2014-06-17 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: glibc-arm-linux-gnu-2.26-4.fc27
2018-03-22 17:00:12
[SECURITY] Fedora 26 Update: glibc-arm-linux-gnu-2.26-4.fc26
2018-03-22 16:48:41
[SECURITY] Fedora 24 Update: tre-0.8.0-18.20140228gitc2f5d13.fc24
2016-11-14 21:04:25
suse
suse
Security update for glibc (important)
2018-01-12 15:07:53
Security update for glibc (important)
2018-01-12 15:12:00
Security update for glibc (important)
2018-01-12 15:12:24
redhatcve
redhatcve
CVE-2018-1000001
2020-04-05 16:57:22
f5
f5
K12896623 : glibc vulnerability CVE-2018-1000001
2018-03-09 00:00:00
packetstorm
packetstorm
glibc 'realpath()' Privilege Escalation
2018-06-12 00:00:00
glibc getcwd() Local Privilege Escalation
2018-01-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.26.0.131.fabef2e-alt1
2018-01-12 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0018
2018-02-26 00:00:00
Important Photon OS Security Update - PHSA-2018-0018
2018-02-26 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0111
2018-03-01 00:00:00
metasploit
metasploit
glibc 'realpath()' Privilege Escalation
2018-05-26 21:25:59
seebug
seebug
Libc Realpath็ผ“ๅ†ฒๅŒบไธ‹ๆบขๆผๆดž(CVE-2018-1000001)
2018-01-26 00:00:00
attackerkb
attackerkb
CVE-2018-1000001
2018-01-31 00:00:00
ubuntu
ubuntu
GNU C Library vulnerability
2018-01-17 00:00:00
GNU C Library vulnerabilities
2018-01-17 00:00:00
exploitdb
exploitdb
glibc - &#039;realpath()&#039; Privilege Escalation (Metasploit)
2018-06-13 00:00:00
ibm
ibm
Security Bulletin: Public disclosed GNU glibc vulnerabilities used by IBM OS Images for RedHat Linux in IBM PureApplication Systems (CVE-2017-16997 CVE-2018-1000001)
2019-01-25 12:20:01
Security Bulletin: IBM Security Proventia Network Active Bypass is affected by glibc vulnerabilities (CVE-2018-1000001, CVE-2017-16997, CVE-2017-1000408, CVE-2017-1000409, CVE-2017-17426)
2018-08-29 03:18:43
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilties in GNU C Library
2023-12-07 22:31:02
centos
centos
glibc, nscd security update
2018-04-26 17:41:43
amazon
amazon
Important: glibc
2018-05-10 17:45:00
redhat
redhat
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update
2018-04-10 05:01:26
oraclelinux
oraclelinux
glibc security update
2018-04-18 00:00:00
glibc security, bug fix, and enhancement update
2018-04-16 00:00:00
cloudfoundry
cloudfoundry
USN-3534-1: GNU C Library vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
hackerone
hackerone
GitLab: Container scanning and Dependency scanning report leaked to unauthorized users
2019-08-19 22:30:30

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON
Related for USN-4768-1
nessus37openvas31osv5veracode2alpinelinux2gentoo3prion5debiancve5archlinux4ubuntucve5debian1cve5mageia4securityvulns1fedora9suse9redhatcve1f51packetstorm2altlinux1photon4metasploit1seebug1attackerkb1ubuntu2exploitdb1ibm10centos1amazon1redhat1oraclelinux2cloudfoundry1hackerone1