
CVE-2014-9984 – Ubuntu Security Notice USN-6762-1
https://notcve.org/view.php?id=CVE-2014-9984
12 Jun 2017 — nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. nscd en la biblioteca C de GNU (también conocido como glibc o libc6), versiones anteriores a la 2.20 ,no calcula correctamente el tamaño de un buffer interno al procesar solicitudes netgroup, posibilitando la caída del demonio nscd o permitiendo la ejecución de códig... • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2017-8804
https://notcve.org/view.php?id=CVE-2017-8804
07 May 2017 — The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references **EN DISPUTA** Las funciones xdr_bytes y xdr_string en la librería GNU C (conocida como glibc o libc6) 2... • http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00026.html • CWE-502: Deserialization of Untrusted Data •

CVE-2017-15670 – glibc: Buffer overflow in glob with GLOB_TILDE
https://notcve.org/view.php?id=CVE-2017-15670
03 Apr 2017 — The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. La biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un error por un paso que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función glob en glob.c. Esto se relaciona con el procesamiento de dir... • http://www.securityfocus.com/bid/101521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVE-2017-15671 – Gentoo Linux Security Advisory 201804-02
https://notcve.org/view.php?id=CVE-2017-15671
03 Apr 2017 — The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). La función glob en glob.c en la biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27, cuando se invoca con GLOB_TILDE, podría omitir la liberación de memoria asignada cuando procesa el operador ~ con un nombre de usuario ... • http://www.securityfocus.com/bid/101517 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVE-2017-15804 – glibc: Buffer overflow during unescaping of user names with the ~ operator
https://notcve.org/view.php?id=CVE-2017-15804
03 Apr 2017 — The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. La función glob en glob.c en la biblioteca GNU C (también llamada glibc o libc6) en versiones anteriores a la 2.27 contiene un desbordamiento de búfer durante la eliminación del escape de nombres de usuario con el operador ~. It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd sy... • http://www.securityfocus.com/bid/101535 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVE-2017-16997 – glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries
https://notcve.org/view.php?id=CVE-2017-16997
03 Apr 2017 — elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently ve... • https://github.com/Xiami2012/CVE-2017-16997-poc • CWE-426: Untrusted Search Path CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVE-2018-1000001 – glibc - 'realpath()' Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-1000001
03 Apr 2017 — In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. En glibc 2.26 y anteriores existe una confusión en el uso de getcwd() por realpath(), que puede emplearse para escribir antes del búfer de destino. Esto conduce a un subdesbordamiento de búfer y a una potencial ejecución de código. It was discovered that the GNU C library did not properly handle all of the pos... • https://packetstorm.news/files/id/148173 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVE-2018-6485 – glibc: Integer overflow in posix_memalign in memalign functions
https://notcve.org/view.php?id=CVE-2018-6485
03 Apr 2017 — An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. Un desbordamiento de enteros en la implementación de posix_memalign en las funciones memalign en GNU C Library (también conocido como glibc o libc6) en versiones 2.26 y anteriores podría provocar que estas funciones devuelvan un puntero a un áre... • http://bugs.debian.org/878159 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVE-2018-6551 – Gentoo Linux Security Advisory 201804-02
https://notcve.org/view.php?id=CVE-2018-6551
03 Apr 2017 — The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption. La implementación malloc en GNU C Library (también conocida como glibc o libc6), desde la versión 2.24 hasta la 2.26 en powerpc y solo en la versión 2.26 en i386, no gestionaba correctam... • https://security.netapp.com/advisory/ntap-20190404-0003 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVE-2015-5180 – glibc: DNS resolver NULL pointer dereference with crafted record type
https://notcve.org/view.php?id=CVE-2015-5180
21 Mar 2017 — res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). La función res_query de libresolv en glibc anterior a la versión 2.25 permite a un atacante remoto provocar una denegación de servicio (desreferencia a NULL pointer y caída del proceso) It was discovered that the GNU C Library incorrectly handled the strxfrm function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Th... • http://www.securityfocus.com/bid/99324 • CWE-476: NULL Pointer Dereference •