Описание
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | needed | |
| jammy | DNE | |
| noble | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | pending | 2.42-2ubuntu5 |
| esm-infra/bionic | released | 2.27-3ubuntu1.6+esm6 |
| esm-infra/focal | released | 2.31-0ubuntu9.18+esm1 |
| esm-infra/xenial | released | 2.23-0ubuntu11.3+esm9 |
| jammy | released | 2.35-0ubuntu3.13 |
| noble | released | 2.39-0ubuntu8.7 |
| questing | released | 2.42-0ubuntu3.1 |
| upstream | released | 2.42-11 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the ...
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.
EPSS
7.5 High
CVSS3