USN-5310-1: GNU C Library vulnerabilities

🗓️ 01 Mar 2022 15:09:40Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 272 Views

GNU C Library vulnerabilities in Ubuntu 21.10, 20.04 LTS, and 18.04 ES

Reporter	Title	Published	Views	Family All 917
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)	12 Jan 202321:59	–	ibm
IBM Security Bulletins	Security Bulletin: glibc vulnerability affects IBM Elastic Storage System (CVE-2020-27618)	30 Jul 202105:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in glibc affects Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2016-10228)	31 Jan 201902:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Operator package issues	12 Dec 202416:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	1 Mar 202417:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	30 Nov 202318:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow in GNU glibc (CVE-2021-3999)	1 Feb 202315:45	–	ibm
IBM Security Bulletins	Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.	15 Dec 202106:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System switch firmware products are affected by a vulnerability in glibc (CVE-2021-35942)	7 Dec 202323:00	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2021-35942]	27 Sep 202410:01	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	18.04	amd64	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_amd64.deb
Ubuntu	18.04	arm64	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_arm64.deb
Ubuntu	18.04	armhf	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_armhf.deb
Ubuntu	18.04	i386	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_i386.deb
Ubuntu	18.04	ppc64el	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_ppc64el.deb
Ubuntu	18.04	s390x	glibc-doc	2.27-3ubuntu1.5	glibc-doc_2.27-3ubuntu1.5_s390x.deb
Ubuntu	18.04	amd64	glibc-source	2.27-3ubuntu1.5	glibc-source_2.27-3ubuntu1.5_amd64.deb
Ubuntu	18.04	arm64	glibc-source	2.27-3ubuntu1.5	glibc-source_2.27-3ubuntu1.5_arm64.deb
Ubuntu	18.04	armhf	glibc-source	2.27-3ubuntu1.5	glibc-source_2.27-3ubuntu1.5_armhf.deb
Ubuntu	18.04	i386	glibc-source	2.27-3ubuntu1.5	glibc-source_2.27-3ubuntu1.5_i386.deb

01 Mar 2022 15:09Current

7.4High risk

Vulners AI Score7.4

CVSS 27.5

CVSS 35.9 - 8.1

CVSS 3.19.8

EPSS0.04398

SSVC

gnu c library ubuntu vulnerability denial of service remote code execution sensitive information cve-2016-10228 cve-2019-25013 cve-2020-27618 cve-2020-29562 cve-2021-3326 cve-2020-6096 cve-2021-27645 cve-2021-35942 cve-2021-3998 cve-2021-3999 cve-2022-23218 cve-2022-23219