The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

The wordexp function in the GNU C Library (aka glibc) through 2.33 may ...

Security update for glibc

The mq_notify function in the GNU C Library (aka glibc) through 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

Уязвимость системной библиотеки GNU C Library (glibc), связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить отказ в обслуживании

Moderate: glibc security, bug fix, and enhancement update

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

Уязвимость функции wordexp() библиотеки, обеспечивающей системные вызовы и основные функции glibc, позволяющая нарушителю читать произвольные файлы

Security update for glibc

Уязвимость glibc