==========================================================================
Ubuntu Security Notice USN-7259-3
February 10, 2025

eglibc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

GNU C Library could be made to crash or run programs if it received specially crafted input.

Software Description:
- eglibc: GNU C Library

Details:

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 14.04 LTS.

Original advisory details:

It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS
  libc6 2.19-0ubuntu6.15+esm4
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7259-3
  https://ubuntu.com/security/notices/USN-7259-2
  https://ubuntu.com/security/notices/USN-7259-1
  CVE-2025-0395

LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-4218-1
December 10, 2019

eglibc vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

GNU C could be made to execute arbitrary code or cause a crash if it received a specially crafted input.

Software Description:
- eglibc: GNU C Library

Details:

Jakub Wilk discovered that GNU C incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM:
  libc6 2.19-0ubuntu6.15+esm1

Ubuntu 12.04 ESM:
  libc6 2.15-0ubuntu10.22

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4218-1
  CVE-2018-6485

Severity: Critical
LinuxSecurity.com Team

Package : eglibc
Version : 2.13-38+deb7u12
CVE ID : CVE-2017-1000366

The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. For the full details, please refer to their advisory published at:

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

For Debian 7 "Wheezy", these problems have been fixed in version 2.13-38+deb7u12.

We recommend that you upgrade your eglibc packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Important
LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-2519-1
February 26, 2015

eglibc, glibc vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the GNU C Library.

Software Description:
- glibc: GNU C Library
- eglibc: GNU C Library

Details:

Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7423)

It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. (CVE-2014-9402)

Joseph Myers discovered that the GNU C Library wscanf function incorrectly handled memory. A remote attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1472, CVE-2015-1473)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.10:
  libc6 2.19-10ubuntu2.3

Ubuntu 14.04 LTS:
  libc6 2.19-0ubuntu6.6

Ubuntu 12.04 LTS:
  libc6 2.15-0ubuntu10.11

Ubuntu 10.04 LTS:
  libc6 2.11.1-0ubuntu7.21

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2519-1
  CVE-2013-7423, CVE-2014-9402, CVE-2015-1472, CVE-2015-1473

Package Information:
  https://launchpad.net/ubuntu/+source/glibc/2.19-10ubuntu2.3
  https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.6
  https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.11
  https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.21

Severity: Critical
LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-2306-3
September 08, 2014

eglibc regression
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

USN-2306-1 introduced a regression in the GNU C Library.

Software Description:
- eglibc: GNU C Library

Details:

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. (CVE-2013-4357)

It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-4458)

Stephane Chazelas discovered that the GNU C Library incorrectly handled locale environment variables. An attacker could use this issue to possibly bypass certain restrictions such as the ForceCommand restrictions in OpenSSH. (CVE-2014-0475)

David Reid, Glyph Lefkowitz, and Alex Gaynor discovered that the GNU C Library incorrectly handled posix_spawn_file_actions_addopen() path arguments. An attacker could use this issue to cause a denial of service. (CVE-2014-4043)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 10.04 LTS:
  libc6 2.11.1-0ubuntu7.17

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2306-3
  https://ubuntu.com/security/notices/USN-2306-1
  https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1364584

Package Information:
  https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.17

LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-2328-1
August 29, 2014

eglibc vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Certain applications could be made to crash or run programs as an administrator.

Software Description:
- eglibc: GNU C Library

Details:

Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. (CVE-2014-5119)

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS and Ubuntu 12.04 LTS the security update for CVE-2014-0475 caused a regression with localplt on PowerPC. This update fixes the problem. We apologize for the inconvenience.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
  libc6 2.19-0ubuntu6.3

Ubuntu 12.04 LTS:
  libc6 2.15-0ubuntu10.7

Ubuntu 10.04 LTS:
  libc6 2.11.1-0ubuntu7.16

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2328-1
  CVE-2014-5119

Package Information:
  https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.3
  https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.7
  https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.16

Severity: Critical
LinuxSecurity.com Team

Debian Security Advisory DSA-3012-1

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character

=========================================================================
Ubuntu Security Notice USN-2306-1
August 04, 2014

eglibc vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the GNU C Library.

Software Description:
- eglibc: GNU C Library

Details:

Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. (CVE-2013-4357)

It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-4458)

Stephane Chazelas discovered that the GNU C Library incorrectly handled locale environment variables. An attacker could use this issue to possibly bypass certain restrictions such as the ForceCommand restrictions in OpenSSH. (CVE-2014-0475)

David Reid, Glyph Lefkowitz, and Alex Gaynor discovered that the GNU C Library incorrectly handled posix_spawn_file_actions_addopen() path arguments. An attacker could use this issue to cause a denial of service. (CVE-2014-4043)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
  libc6 2.19-0ubuntu6.1

Ubuntu 12.04 LTS:
  libc6 2.15-0ubuntu10.6

Ubuntu 10.04 LTS:
  libc6 2.11.1-0ubuntu7.14

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2306-1
  CVE-2013-4357, CVE-2013-4458, CVE-2014-0475, CVE-2014-4043

Package Information:
  https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.1
  https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.6
  https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.14

LinuxSecurity.com Team