Ubuntu Security Notice 5310-1 - Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Jason Royes and Samuel Dytrych discovered that the GNU C Library incorrectly handled signed comparisons on ARMv7 targets. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
0c11352a9e9620a9d78b56edf5a195481c3c772b41e829e66010783e0ca89f70Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service or execute arbitrary code. It was discovered that the POSIX regex implementation in the GNU C Library did not properly parse alternatives. An attacker could use this to cause a denial of service. Various other issues were also addressed.
0d97bdfb094448b62a9b461045f71712af4a4388f17038f2bff95ef14f66f9a8Gentoo Linux Security Advisory 202101-20 - Multiple vulnerabilities have been found in glibc, the worst of which could result in the arbitrary execution of code. Versions less than 2.32-r5 are affected.
f9d7b067bff5300d10cd9382d78f5a1a078a78b23e30e2db4e9367a4dc4fc94f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed