Package "libc6"
Links
Download "libc6"
Other versions of "libc6" in Jammy
Changelog
glibc (2.35-0ubuntu3.8) jammy-security; urgency=medium
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
based buffer overflow in netgroup cache.
- CVE-2024-33599
* SECURITY UPDATE: Null pointer
- debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
null pointer crashes after notfound response.
- debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
not send missing not-found response in addgetnetgrentX.
- CVE-2024-33600
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
- CVE-2024-33601
- CVE-2024-33602
-- Paulo Flabiano Smorigo <email address hidden> Mon, 06 May 2024 17:34:28 -0300
|
Source diff to previous version |
CVE-2024-33599 |
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then |
CVE-2024-33600 |
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the |
CVE-2024-33601 |
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xreallo |
CVE-2024-33602 |
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the N |
|
glibc (2.35-0ubuntu3.7) jammy-security; urgency=medium
* SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
- debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
writing escape sequence in iconvdata/Makefile,
iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
- CVE-2024-2961
-- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:40:36 -0400
|
Source diff to previous version |
CVE-2024-2961 |
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting string |
|
glibc (2.35-0ubuntu3.6) jammy-security; urgency=medium
* SECURITY REGRESSION: incorrect processing of address family with nscd
(LP: #2047155)
- debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch:
split out line processing for 'label', 'precedence' and 'scopev4' into
separate functions (gaiconf_inet).
- debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch: clean up
another antipattern where code flows from an if condition to its else
counterpart with a goto (gai_init).
- debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch:
refactor the code and make it easier to follow by removing the confusing
close_retry goto jump (getaddrinfo).
- debian/patches/lp2047155/
lp2047155-get-nscd-addresses-fix-subscript-typos.patch: fix the
subscript on air->family, which was accidentally set to 'count' when it
should have remained as 'i' (get_nscd_addresses).
- CVE-2023-4806
-- Camila Camargo de Matos <email address hidden> Tue, 02 Jan 2024 10:22:42 -0300
|
Source diff to previous version |
2047155 |
\ |
CVE-2023-4806 |
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an applicatio |
|
glibc (2.35-0ubuntu3.5) jammy-security; urgency=medium
* SECURITY UPDATE: use-after-free through getcanonname_r plugin call
- debian/patches/any/CVE-2023-4806-pre1.patch: sort tests and
tests-container and put one test per line (nss).
- debian/patches/any/CVE-2023-4806-pre2.patch: simplify canon name
resolution (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre3.patch: fix leak with AI_ALL
(gaih_inet).
- debian/patches/any/CVE-2023-4806-pre4.patch: simplify service resolution
(gaih_inet).
- debian/patches/any/CVE-2023-4806-pre5.patch: make numeric lookup a
separate routine (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre6.patch: split simple gethostbyname
into its own function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre7.patch: split nscd lookup code into
its own function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre8.patch: separate nss lookup loop
into its own function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre9.patch: make gethosts into a
function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre10.patch: split loopback lookup into
its own function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre11.patch: split result generation
into its own function (gaih_inet).
- debian/patches/any/CVE-2023-4806-pre12.patch: return EAI_MEMORY on
allocation failure (gethosts).
- debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
the end (getaddrinfo).
- CVE-2023-4806
* SECURITY UPDATE: use-after-free in gaih_inet function
- debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix
merge and continue actions.
- CVE-2023-4813
* SECURITY UPDATE: memory leak in getaddrinfo
- debian/patches/any/CVE-2023-5156.patch: fix leak in getaddrinfo
introduced by the fix for CVE-2023-4806.
- CVE-2023-5156
-- Camila Camargo de Matos <email address hidden> Wed, 22 Nov 2023 10:18:45 -0300
|
Source diff to previous version |
CVE-2023-4806 |
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an applicatio |
CVE-2023-4813 |
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. Th |
CVE-2023-5156 |
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application |
|
glibc (2.35-0ubuntu3.4) jammy-security; urgency=medium
* SECURITY UPDATE: privilege escalation in ld.so
- debian/patches/any/CVE-2023-4911.patch: terminate immediately if end
of input is reached in elf/dl-tunables.c.
- CVE-2023-4911
-- Marc Deslauriers <email address hidden> Mon, 25 Sep 2023 10:45:50 -0400
|
CVE-2023-4911 |
A buffer overflow was discovered in the GNU C Library's dynamic loader ... |
|
About
-
Send Feedback to @ubuntu_updates