Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:4358

Опубликовано: 15 нояб. 2021
Источник: rocky
Оценка: Moderate

Описание

Moderate: glibc security, bug fix, and enhancement update

For more information visit https://errata.rockylinux.org/RLSA-2021:4358

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
glibci686164.el8glibc-2.28-164.el8.i686.rpm
glibcx86_64164.el8glibc-2.28-164.el8.x86_64.rpm
glibc-all-langpacksx86_64164.el8glibc-all-langpacks-2.28-164.el8.x86_64.rpm
glibc-commonx86_64164.el8glibc-common-2.28-164.el8.x86_64.rpm
glibc-develi686164.el8glibc-devel-2.28-164.el8.i686.rpm
glibc-develx86_64164.el8glibc-devel-2.28-164.el8.x86_64.rpm
glibc-headersi686164.el8glibc-headers-2.28-164.el8.i686.rpm
glibc-headersx86_64164.el8glibc-headers-2.28-164.el8.x86_64.rpm
glibc-langpack-aax86_64164.el8glibc-langpack-aa-2.28-164.el8.x86_64.rpm
glibc-langpack-afx86_64164.el8glibc-langpack-af-2.28-164.el8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-35942

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-35942

CVSS3: 9.1
ubuntu
почти 4 года назад

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

redhat логотип

CVE-2021-35942

CVSS3: 9.1
redhat
почти 4 года назад

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

nvd логотип

CVE-2021-35942

CVSS3: 9.1
nvd
почти 4 года назад

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

msrc логотип

CVE-2021-35942

CVSS3: 9.1
msrc
почти 4 года назад

Описание отсутствует

debian логотип

CVE-2021-35942

CVSS3: 9.1
debian
почти 4 года назад

The wordexp function in the GNU C Library (aka glibc) through 2.33 may ...