Errata ALT-PU-2024-1492-1: Information
Fixes
Published: Aug. 1, 2017
BDU:2017-02409
Vulnerability in the decode_digit function (puny_decode.c) of the Libidn2 library that allows an attacker to cause a denial of service or have other impact
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 21, 2017
BDU:2017-02450
Vulnerability in the glob() function of the glob.c library, which provides system calls and basic system functions, that allows an attacker to cause a denial of service
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 19, 2017
BDU:2017-02451
Vulnerability in the glob function of the glob.c library, which provides system calls and basic glibc system functions, that allows an attacker to cause the application to terminate abnormally
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 7, 2018
BDU:2018-00415
Vulnerability in the getcwd and realpath functions of the glibc library, which provides system calls and basic functions, that allows an attacker to execute arbitrary code
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 12, 2018
BDU:2019-00571
Vulnerability in the getaddrinfo function of the libc6 library that allows an attacker to exhaust RAM on the target system
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 27, 2018
BDU:2019-01066
Vulnerability in the memcmp function of the GNU C Library (glibc), caused by insufficient input validation, that allows an attacker to cause a denial of service
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 12, 2019
BDU:2019-01242
Vulnerability in the proceed_next_node function of the GNU C Library, caused by a possible out-of-bounds read of a memory buffer, that allows an attacker to cause a denial of service
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 1, 2020
BDU:2020-03566
Vulnerability in the memcpy function of the glibc library that allows an attacker to execute arbitrary code in the context of a privileged process
Severity: HIGH (8.1) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 25, 2019
BDU:2020-04530
Vulnerability in the glibc library, caused by uncontrolled recursion during regular-expression matching, that allows an attacker to cause a denial of service
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 27, 2020
BDU:2020-04683
Vulnerability in the iconv utility of the GNU C Library (glibc) system library, caused by insufficient input validation, that allows an attacker to cause a denial of service
Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Aug. 27, 2020
BDU:2020-04684
Vulnerability in the cosl, sinl, sincosl and tanl functions of the GNU C Library (glibc) system library that allows an attacker to cause a denial of service
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 16, 2021
BDU:2021-03122
Vulnerability in the glob function of the glibc library of the Aurora operating system, caused by a use after free, that allows an attacker to escalate privileges and execute arbitrary code
Severity: HIGH (7.0) Vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: June 16, 2021
BDU:2021-03123
Vulnerability in the glibc library of the Aurora operating system, caused by an out-of-bounds read of a memory buffer, that allows an attacker to cause a denial of service
Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 25, 2021
BDU:2021-03561
Vulnerability in the wordexp() function of the glibc library, which provides system calls and basic functions, that allows an attacker to read arbitrary files
Severity: MEDIUM (6.7) Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Links:
Published: Aug. 9, 2021
BDU:2021-04132
Vulnerability in the sysdeps/unix/sysv/linux/mq_notify.c component of the glibc library that allows an attacker to cause a denial of service
Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Oct. 22, 2017
BDU:2021-06342
Vulnerability in the glob function (glob.c) of the GNU C Library that allows an attacker to execute arbitrary code
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 26, 2021
BDU:2021-06406
Vulnerability in the iconv utility of the GNU C Library (glibc) system library, caused by the program entering an infinite loop, that allows an attacker to cause a denial of service
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: May 25, 2021
BDU:2021-06408
Vulnerability in the GNU C Library (glibc) system library, caused by a use after free, that allows an attacker to cause a denial of service
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 14, 2022
BDU:2022-01632
Vulnerability in the sunrpc module of the glibc system library that allows an attacker to execute arbitrary code
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 14, 2022
BDU:2022-01633
Vulnerability in the sunrpc module of the glibc system library, caused by an operation exceeding the bounds of a memory buffer, that allows an attacker to execute arbitrary code
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 14, 2022
BDU:2022-01634
Vulnerability in the realpath() function of the glibc system library that allows an attacker to gain access to confidential information
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Links:
Published: March 14, 2022
BDU:2022-01635
Vulnerability in the getcwd() function of the glibc system library that allows an attacker to execute arbitrary code
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Feb. 24, 2021
BDU:2022-05689
Vulnerability in the netgroupcache.c component of the nameserver caching daemon nscd of the GNU C Library system library that allows an attacker to cause a denial of service
Severity: LOW (2.5) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: Nov. 19, 2019
BDU:2022-05763
Vulnerability in the GNU C Library system library, caused by memory initialization errors, that allows an attacker to gain access to confidential data
Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Jan. 27, 2021
BDU:2022-07362
Vulnerability in the iconv function of the glibc library that allows an attacker to cause a denial of service
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Jan. 20, 2020
BDU:2023-03822
Vulnerability in the backtrace function of the GNU C Library system library that allows an attacker to gain access to confidential data, compromise its integrity, and cause a denial of service
Severity: MEDIUM (6.2) Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Links:
Published: March 2, 2017
Modified: Nov. 7, 2023
CVE-2016-10228
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=19519
- http://openwall.com/lists/oss-security/2017/03/01/10
- 96525
- https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
- https://sourceware.org/bugzilla/show_bug.cgi?id=26224
- GLSA-202101-20
- https://www.oracle.com/security-alerts/cpuapr2022.html
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- [mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar
Published: Sept. 7, 2016
Modified: Nov. 7, 2023
CVE-2016-6261
The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- [oss-security] 20160721 Re: CVE request: multiple issues fixed in GNU libidn 1.33
- openSUSE-SU-2016:2135
- http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=f20ce1128fb7f4d33297eee307dddaf0f92ac72d
- [help-libidn] 20160720 Libidn 1.33 released
- 92070
- [help-libidn] 20150709 out of bounds stack read in function idna_to_ascii_4i
- [oss-security] 20160720 CVE request: multiple issues fixed in GNU libidn 1.33
- USN-3068-1
- DSA-3658
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: Sept. 7, 2016
Modified: Nov. 7, 2023
CVE-2016-6263
The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- [oss-security] 20160721 Re: CVE request: multiple issues fixed in GNU libidn 1.33
- openSUSE-SU-2016:1924
- openSUSE-SU-2016:2135
- [help-libidn] 20160720 Libidn 1.33 released
- 92070
- [oss-security] 20160720 CVE request: multiple issues fixed in GNU libidn 1.33
- USN-3068-1
- http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555
- DSA-3658
- GLSA-201908-06
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: Aug. 31, 2017
Modified: Dec. 7, 2020
CVE-2017-14062
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 20, 2017
Modified: June 20, 2018
CVE-2017-15670
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 22, 2017
Modified: Nov. 7, 2023
CVE-2017-15804
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 31, 2018
Modified: Oct. 3, 2019
CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Dec. 4, 2018
Modified: Nov. 7, 2023
CVE-2018-19591
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=23927
- 1042174
- 106037
- GLSA-201903-09
- https://security.netapp.com/advisory/ntap-20190321-0003/
- GLSA-201908-06
- USN-4416-1
- https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD
- FEDORA-2018-f6b7df660d
- FEDORA-2018-060302dc83
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408
Published: Feb. 26, 2019
Modified: Nov. 7, 2023
CVE-2018-20796
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 20, 2019
Modified: Nov. 7, 2023
CVE-2019-19126
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Jan. 4, 2021
Modified: Nov. 9, 2023
CVE-2019-25013
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=24973
- https://security.netapp.com/advisory/ntap-20210205-0004/
- GLSA-202107-07
- https://www.oracle.com/security-alerts/cpuapr2022.html
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b
- FEDORA-2021-6feb090c97
- FEDORA-2021-6e581c051a
- [mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar
- [kafka-dev] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka
- [kafka-jira] 20210420 [jira] [Created] (KAFKA-12698) CVE-2019-25013 vulnerability reported in Kafka
- [kafka-jira] 20210423 [jira] [Commented] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka
- [zookeeper-issues] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1
- [zookeeper-dev] 20210423 [jira] [Created] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1
- [kafka-jira] 20210423 [jira] [Updated] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka
- [kafka-jira] 20210423 [jira] [Comment Edited] (KAFKA-12698) CVE-2019-25013 high priority vulnerability reported in Kafka
- [zookeeper-issues] 20210506 [jira] [Resolved] (ZOOKEEPER-4285) High CVE-2019-25013 reported by Clair scanner for Zookeeper 3.6.1
Published: Feb. 3, 2019
Modified: Aug. 24, 2020
CVE-2019-7309
In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Feb. 26, 2019
Modified: Nov. 7, 2023
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=24114
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
- https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140
- 107160
- https://security.netapp.com/advisory/ntap-20190315-0002/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10278
- https://support.f5.com/csp/article/K54823184
- GLSA-202006-04
- USN-4416-1
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9
Published: Feb. 26, 2019
Modified: May 17, 2024
CVE-2019-9192
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\1\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: March 4, 2020
Modified: Nov. 7, 2023
CVE-2020-10029
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, as seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=25487
- openSUSE-SU-2020:0381
- https://security.netapp.com/advisory/ntap-20200327-0003/
- GLSA-202006-04
- USN-4416-1
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=9333498794cde1d5cca518badf79533a24114b6f
- FEDORA-2020-444c372453
- FEDORA-2020-244efc27af
- FEDORA-2020-7f625c5ea8
Published: April 17, 2020
Modified: Nov. 7, 2023
CVE-2020-1751
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 30, 2020
Modified: Nov. 7, 2023
CVE-2020-1752
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752
- https://sourceware.org/bugzilla/show_bug.cgi?id=25414
- https://security.netapp.com/advisory/ntap-20200511-0005/
- USN-4416-1
- GLSA-202101-20
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ddc650e9b3dc916eab417ce9f79e67337b05035c
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: Feb. 27, 2021
Modified: Oct. 28, 2022
CVE-2020-27618
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
- https://sourceware.org/bugzilla/show_bug.cgi?id=26224
- https://security.netapp.com/advisory/ntap-20210401-0006/
- GLSA-202107-07
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
Published: April 2, 2020
Modified: Nov. 7, 2023
CVE-2020-6096
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=25620
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
- GLSA-202101-20
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- FEDORA-2020-d860479b2a
- FEDORA-2020-4e92a61688
- [mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar
Published: Feb. 24, 2021
Modified: Nov. 7, 2023
CVE-2021-27645
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.
Severity: LOW (2.5) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Links:
Published: Jan. 27, 2021
Modified: Nov. 7, 2023
CVE-2021-3326
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=27256
- [oss-security] 20210128 Re: glibc iconv crash with ISO-2022-JP-3
- https://security.netapp.com/advisory/ntap-20210304-0007/
- GLSA-202107-07
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888
Published: May 26, 2021
Modified: Nov. 7, 2023
CVE-2021-33574
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: July 22, 2021
Modified: Nov. 7, 2023
CVE-2021-35942
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.
Severity: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=28011
- https://sourceware.org/glibc/wiki/Security%20Exceptions
- https://security.netapp.com/advisory/ntap-20210827-0005/
- GLSA-202208-24
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c
Published: Aug. 12, 2021
Modified: Nov. 7, 2023
CVE-2021-38604
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=28213
- https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
- https://security.netapp.com/advisory/ntap-20210909-0005/
- https://www.oracle.com/security-alerts/cpujul2022.html
- GLSA-202208-24
- https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8
- https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641
- FEDORA-2021-16dc1f33af
Published: Aug. 24, 2022
Modified: Feb. 13, 2023
CVE-2021-3998
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Links:
- https://www.openwall.com/lists/oss-security/2022/01/24/4
- https://access.redhat.com/security/cve/CVE-2021-3998
- https://sourceware.org/bugzilla/show_bug.cgi?id=28770
- https://security-tracker.debian.org/tracker/CVE-2021-3998
- https://bugzilla.redhat.com/show_bug.cgi?id=2024633
- https://security.netapp.com/advisory/ntap-20221020-0003/
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03
Published: Aug. 24, 2022
Modified: Feb. 13, 2023
CVE-2021-3999
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://www.openwall.com/lists/oss-security/2022/01/24/4
- https://access.redhat.com/security/cve/CVE-2021-3999
- https://sourceware.org/bugzilla/show_bug.cgi?id=28769
- https://security-tracker.debian.org/tracker/CVE-2021-3999
- https://bugzilla.redhat.com/show_bug.cgi?id=2024637
- [debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update
- https://security.netapp.com/advisory/ntap-20221104-0001/
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e
Published: Jan. 14, 2022
Modified: Nov. 8, 2022
CVE-2022-23218
The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Jan. 14, 2022
Modified: Nov. 8, 2022
CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links: