ALT-PU-2022-2917-1

BDU:2021-04132

MEDIUM5.9

Уязвимость компонента sysdeps/unix/sysv/linux/mq_notify.c библиотеки glibc, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2021-08-19Modified: 2024-09-13

CVSS 3.xMEDIUM 5.9

CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 5.4

CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C

References

CVE-2021-38604

BDU:2022-01632

CRITICAL9.8

Уязвимость модуля sunrpc ib glibc системной библиотеки glibc, позволяющая нарушителю выполнить произвольный код

Published: 2022-03-31Modified: 2024-11-07

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2022-23218

BDU:2022-01633

CRITICAL9.8

Уязвимость модуля sunrpc системной библиотеки glibc, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

Published: 2022-03-31Modified: 2024-11-07

CVSS 3.xCRITICAL 9.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2022-23219

CVE-2020-29562

MEDIUM4.8

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

Published: 2020-12-04Modified: 2025-06-09

CVSS 2.0LOW 2.1

CVSS:2.0/AV:N/AC:H/Au:S/C:N/I:N/A:P

CVSS 3.xMEDIUM 4.8

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

References

CVE-2021-38604

HIGH7.5

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.

Published: 2021-08-12Modified: 2025-05-30

CVSS 2.0MEDIUM 5.0

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xHIGH 7.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

CVE-2022-23218

CRITICAL9.8

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Published: 2022-01-14Modified: 2025-05-05

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

CVE-2022-23219

CRITICAL9.8

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Published: 2022-01-14Modified: 2025-05-05

CVSS 2.0HIGH 7.5

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS 3.xCRITICAL 9.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Package update glibc in branch p10

Closed issues (7)

Уязвимость компонента sysdeps/unix/sysv/linux/mq_notify.c библиотеки glibc, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость модуля sunrpc ib glibc системной библиотеки glibc, позволяющая нарушителю выполнить произвольный код

Уязвимость модуля sunrpc системной библиотеки glibc, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю выполнить произвольный код

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.