Описание
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | ignored | |
| esm-infra-legacy/trusty | released | 2.19-0ubuntu6.1 |
| lucid | released | 2.11.1-0ubuntu7.14 |
| precise | released | 2.15-0ubuntu10.6 |
| saucy | ignored | end of life |
| trusty | released | 2.19-0ubuntu6.1 |
| trusty/esm | released | 2.19-0ubuntu6.1 |
| upstream | released | 2.19-2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.19-4ubuntu1 |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | DNE | |
| saucy | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 2.19-2 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
The posix_spawn_file_actions_addopen function in glibc before 2.20 doe ...
The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.
7.5 High
CVSS2