CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 3CVE-2017-1000409 – GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-1000409
13 Dec 2017 — A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. Un desbordamiento de búfer en glibc 2.5 (publicado el 29 de septiembre de 2006) puede ser desencadenado mediante la variable de entorno LD_LIBRARY_PATH. Hay que tener en cuenta que muchas versiones de glibc no son vulnerables a este problema si se corrigen con el parche ... • https://packetstorm.news/files/id/145391 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2011-5320
https://notcve.org/view.php?id=CVE-2011-5320
18 Oct 2017 — scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. La función scanf y las funciones relacionadas en glibc en versiones anteriores a la 2.15 permiten que usuarios locales provoquen una denegación de servicio (fallo de segmentación) mediante una larga cadena de ceros. • http://www.openwall.com/lists/oss-security/2015/03/12/14 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12133 – Ubuntu Security Notice USN-4416-1
https://notcve.org/view.php?id=CVE-2017-12133
07 Sep 2017 — Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path. Vulnerabilidad de uso de memoria previamente liberada en la función clntudp_call en sunrpc/clnt_udp.c en GNU C Library (también conocida como glibc o libc6), en versiones anteriores a la 2.26, permite que atacantes remotos provoquen un impacto sin especificar mediante vectores relacionados co... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYZL6PAKI73XYRJYL5VLDGA4FFGWMB7A • CWE-416: Use After Free •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12132 – glibc: Fragmentation attacks possible when EDNS0 is enabled
https://notcve.org/view.php?id=CVE-2017-12132
01 Aug 2017 — The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. La herramienta de resolución de zonas stub de DNS en la librería GNU C, también conocida como glibc o libc6, en sus versiones anteriores a la 2.26 cuando el soporte EDNS está activado, solicitará respuestas UDP de gran tamaño de servidores de nombres, pudiendo simpl... • http://www.securityfocus.com/bid/100598 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 7CVE-2017-1000366 – Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-1000366
19 Jun 2017 — glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. Glibc contiene una vulnerabilidad que permite que los valores LD_LIBRARY_PATH esp... • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 2CVE-2014-9984 – Ubuntu Security Notice USN-6762-1
https://notcve.org/view.php?id=CVE-2014-9984
12 Jun 2017 — nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. nscd en la biblioteca C de GNU (también conocido como glibc o libc6), versiones anteriores a la 2.20 ,no calcula correctamente el tamaño de un buffer interno al procesar solicitudes netgroup, posibilitando la caída del demonio nscd o permitiendo la ejecución de códig... • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15671 – Gentoo Linux Security Advisory 201804-02
https://notcve.org/view.php?id=CVE-2017-15671
03 Apr 2017 — The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). La función glob en glob.c en la biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27, cuando se invoca con GLOB_TILDE, podría omitir la liberación de memoria asignada cuando procesa el operador ~ con un nombre de usuario ... • http://www.securityfocus.com/bid/101517 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 1CVE-2017-16997 – glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries
https://notcve.org/view.php?id=CVE-2017-16997
03 Apr 2017 — elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently ve... • https://github.com/Xiami2012/CVE-2017-16997-poc • CWE-426: Untrusted Search Path CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15804 – glibc: Buffer overflow during unescaping of user names with the ~ operator
https://notcve.org/view.php?id=CVE-2017-15804
03 Apr 2017 — The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. La función glob en glob.c en la biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un desbordamiento de búfer durante la eliminación del escape de nombres de usuario con el operador ~. It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd sy... • http://www.securityfocus.com/bid/101535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15670 – glibc: Buffer overflow in glob with GLOB_TILDE
https://notcve.org/view.php?id=CVE-2017-15670
03 Apr 2017 — The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. La biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un error por un paso que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función glob en glob.c. Esto se relaciona con el procesamiento de dir... • http://www.securityfocus.com/bid/101521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •