Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-11236

Опубликовано: 18 мая 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5
CVSS3: 9.8

Описание

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

released

2.19-0ubuntu6.15+esm3
esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

2.27-3ubuntu1.2
cosmic

not-affected

2.28-0ubuntu1
devel

not-affected

2.28-0ubuntu1
disco

not-affected

2.28-0ubuntu1
eoan

not-affected

2.28-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

2.27-3ubuntu1.2
esm-infra/focal

not-affected

2.28-0ubuntu1
esm-infra/xenial

released

2.23-0ubuntu11.2

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-11236

CVSS3: 7.8
redhat
почти 8 лет назад

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

nvd логотип

CVE-2018-11236

CVSS3: 9.8
nvd
больше 7 лет назад

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

debian логотип

CVE-2018-11236

CVSS3: 9.8
debian
больше 7 лет назад

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 a ...

suse-cvrf логотип

SUSE-SU-2018:2302-1

suse-cvrf
больше 7 лет назад

Security update for glibc

github логотип

GHSA-pgv4-4294-ccrq

CVSS3: 9.8
github
больше 3 лет назад

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

7.5 High

CVSS2

9.8 Critical

CVSS3