glibc is vulnerable to buffer overflow. The vulnerability exists due to a memory corruption when the size of the buffer is exactly 1 which allows an attacker to control the input buffer and size passed to getcwd() in a setuid program.

References

access.redhat.com/errata/RHSA-2022:0896

access.redhat.com/security/cve/CVE-2021-3999

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=2024637

lists.debian.org/debian-lts-announce/2022/10/msg00021.html

security-tracker.debian.org/tracker/CVE-2021-3999

security.netapp.com/advisory/ntap-20221104-0001/

sourceware.org/bugzilla/show_bug.cgi?id=28769

sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e

sourceware.org/git/gitweb.cgi?p=glibc.git;h=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e

www.openwall.com/lists/oss-security/2022/01/24/4

prion 1

ibm 17

nessus 34

openvas 25

redhatcve 1

ubuntucve 1

debiancve 1

cbl_mariner 1

nvd 1

amazon 1

f5 1

cve 1

mageia 1

cloudlinux 1

cvelist 1

rosalinux 1

osv 8

rocky 2

photon 2

ubuntu 3

redhat 10

oraclelinux 2

suse 1

almalinux 1

fedora 2

redos 1

gentoo 1

qualysblog 1

thn 1

cloudfoundry 1

debian 1

ics 2

avleonov 1

prion

Buffer overflow

2022-08-24 16:15:00

ibm

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

2022-04-20 14:00:47

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)

2023-01-12 21:59:00

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2021-3999]

2024-09-27 10:59:44

nessus

EulerOS 2.0 SP9 : glibc (EulerOS-SA-2022-1864)

2022-06-15 00:00:00

EulerOS 2.0 SP10 : glibc (EulerOS-SA-2022-1827)

2022-06-13 00:00:00

F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (K24207649)

2022-04-30 00:00:00

openvas

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2076)

2022-07-14 00:00:00

Mageia: Security Advisory (MGASA-2022-0052)

2022-02-09 00:00:00

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2198)

2022-08-01 00:00:00

redhatcve

CVE-2021-3999

2022-01-11 17:24:18

ubuntucve

CVE-2021-3999

2022-02-01 00:00:00

debiancve

CVE-2021-3999

2022-08-24 16:15:09

cbl_mariner

CVE-2021-3999 affecting package glibc 2.28-23

2022-09-17 05:56:38

nvd

CVE-2021-3999

2022-08-24 16:15:09

amazon

Medium: glibc

2022-10-17 21:46:00

K24207649 : GNU C Library (glibc) vulnerability CVE-2021-3999

2022-04-29 00:00:00

cve

CVE-2021-3999

2022-08-24 16:15:09

mageia

Updated glibc packages fix security vulnerability

2022-02-08 19:27:38

cloudlinux

Fix of CVE: CVE-2021-3999

2022-03-24 16:08:37

cvelist

CVE-2021-3999

2022-08-24 00:00:00

rosalinux

Advisory ROSA-SA-2023-2293

2023-11-14 13:27:35

osv

CVE-2021-3999

2022-08-24 16:15:09

Moderate: glibc security update

2022-03-15 09:12:12

Moderate: glibc security update

2022-03-15 09:12:12

rocky

glibc security update

2022-03-15 23:01:10

glibc security update

2022-03-15 09:12:12

photon

Important Photon OS Security Update - PHSA-2022-3.0-0452

2022-09-16 00:00:00

Important Photon OS Security Update - PHSA-2022-0517

2022-09-17 00:00:00

ubuntu

GNU C Library vulnerabilities

2022-03-07 00:00:00

GNU C Library vulnerabilities

2024-05-02 00:00:00

GNU C Library vulnerabilities

2022-03-01 00:00:00

redhat

(RHSA-2022:0896) Moderate: glibc security update

2022-03-15 09:12:12

(RHSA-2022:1039) Important: Red Hat OpenShift GitOps security update

2022-03-23 21:13:24

(RHSA-2022:1041) Important: Red Hat OpenShift GitOps security update

2022-03-23 21:13:43

oraclelinux

glibc security update

2022-03-19 00:00:00

glibc security update

2022-03-16 00:00:00

suse

Security update for glibc (important)

2022-02-04 00:00:00

almalinux

Moderate: glibc security update

2022-03-15 09:12:12

fedora

[SECURITY] Fedora 34 Update: glibc-2.33-21.fc34

2022-02-03 01:12:32

[SECURITY] Fedora 35 Update: glibc-2.34-24.fc35

2022-02-04 01:25:20

redos

ROS-20220323-02

2022-03-23 00:00:00

gentoo

GNU C Library: Multiple Vulnerabilities

2022-08-14 00:00:00

qualysblog

Oh Snap! More Lemmings: Local Privilege Escalation Vulnerability Discovered in snap-confine (CVE-2021-44731)

2022-02-17 19:15:55

thn

New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

2022-02-18 08:37:00

cloudfoundry

USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry

2023-05-18 00:00:00

debian

[SECURITY] [DLA 3152-1] glibc security update

2022-10-17 15:54:41

ics

Siemens SIMATIC S7-1500 TM MFP BIOS

2023-06-15 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

Percentile

5.1%

JSON

Related for VERACODE:35033