lib32-glibc

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description GNU C Library (32-bit)
Version 2.40+r16+gaa533d58ff-2 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2833 2.37-1 2.37-2 Unknown Fixed
AVG-1324 2.32-5 Medium Not affected
AVG-1320 2.32-5 2.33-1 Low Fixed
AVG-830 2.28-5 2.29-1 Medium Fixed
AVG-590 2.26-10 2.26-11 High Fixed
AVG-460 2.26-8 2.26-9 High Fixed
AVG-369 2.25-7 2.26-1 Critical Fixed
AVG-308 2.25-3 2.25-4 High Fixed
Issue Group Severity Remote Type Description
CVE-2023-25139 AVG-2833 Unknown Unknown Unknown
buffer overflow in sprintf(3) due to a regression where after the refactor the implementation does not account for grouping characters during padding of the width
CVE-2021-3326 AVG-1320 Low No Denial of service
The iconv function in glibc version 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code...
CVE-2020-29573 AVG-1324 Medium No Arbitrary code execution
sysdeps/i386/ldbl2mpn.c in glibc before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an...
CVE-2020-29562 AVG-1320 Low No Denial of service
The iconv function in glibc version 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and...
CVE-2020-27618 AVG-1320 Low No Denial of service
A flaw was found in glibc up to version 2.32. If an attacker provides the iconv function with invalid multi-byte input sequences in IBM1364, IBM1371,...
CVE-2019-25013 AVG-1320 Low No Denial of service
The iconv feature in glibc up to version 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. The...
CVE-2018-1000001 AVG-590 High No Privilege escalation
A buffer underflow vulnerability has been discovered in the realpath() function in glibc 2.26 when getcwd() returns a relative or unreachable path (i.e. not...
CVE-2018-19591 AVG-830 Medium Yes Denial of service
A file descriptor leak has been found in glibc <= 2.28, in the if_nametoindex() function, when processing getaddrinfo() calls with crafted interface names.
CVE-2017-1000366 AVG-308 High No Privilege escalation
A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions...
CVE-2017-15671 AVG-460 Medium Yes Denial of service
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when...
CVE-2017-15670 AVG-460 High Yes Arbitrary code execution
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by- one error leading to a heap-based buffer overflow in the glob function in glob.c,...
CVE-2017-12133 AVG-369 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system.
CVE-2017-12132 AVG-369 Medium Yes Content spoofing
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from...

Advisories

Date Advisory Group Severity Type
07 Feb 2021 ASA-202102-16 AVG-1320 Low denial of service
10 Jan 2018 ASA-201801-8 AVG-460 High multiple issues
28 Jan 2018 ASA-201801-19 AVG-590 High privilege escalation
20 Jun 2017 ASA-201706-22 AVG-308 High privilege escalation