Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K15546
HistorySep 04, 2014 - 12:00 a.m.

K15546 : glibc vulnerability CVE-2014-4043

2014-09-0400:00:00
my.f5.com
16

7.5 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.7%

JSON

Security Advisory Description

Description

posix_spawn_file_actions_addopen in glibc prior to version 2.20 fails to copy the path argument. The result of not copying is that programs can easily trigger use-after-free bugs, or other situations where the path is mutated.

Impact

None. No F5 products are affected by this vulnerability.

Status

To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:

Product Versions known to be vulnerable Versions known to be not vulnerable Vulnerable component or feature
BIG-IP LTM None
11.0.0 - 11.6.0
10.0.0 - 10.2.4
None
BIG-IP AAM None 11.4.0 - 11.6.0 None
BIG-IP AFM None 11.3.0 - 11.6.0 None
BIG-IP Analytics None 11.0.0 - 11.6.0 None
BIG-IP APM None 11.0.0 - 11.6.0
10.1.0 - 10.2.4 None
BIG-IP ASM None 11.0.0 - 11.6.0
10.0.0 - 10.2.4 None
BIG-IP Edge Gateway
None 11.0.0 - 11.3.0
10.1.0 - 10.2.4 None
BIG-IP GTM None 11.0.0 - 11.6.0
10.0.0 - 10.2.4 None
BIG-IP Link Controller None
11.0.0 - 11.6.0
10.0.0 - 10.2.4
None
BIG-IP PEM None
11.3.0 - 11.6.0
None
BIG-IP PSM None 11.0.0 - 11.4.1
10.0.0 - 10.2.4 None
BIG-IP WebAccelerator None 11.0.0 - 11.3.0
10.0.0 - 10.2.4 None
BIG-IP WOM None 11.0.0 - 11.3.0
10.0.0 - 10.2.4 None
ARX None 6.0.0 - 6.4.0 None
Enterprise Manager None 3.0.0 - 3.1.1
2.1.0 - 2.3.0 None
FirePass None 7.0.0
6.0.0 - 6.1.0 None
BIG-IQ Cloud None
4.0.0 - 4.3.0
None
BIG-IQ Device None
4.2.0 - 4.3.0
None
BIG-IQ Security None
4.0.0 - 4.3.0
None

Recommended Action

None

Supplemental Information

Related

openvas 19
cvelist 1
f5 1
nessus 24
suse 3
cve 1
prion 1
nvd 1
ubuntucve 1
securityvulns 4
debiancve 1
mageia 1
ubuntu 3
osv 2
debian 2
slackware 1
gentoo 1
packetstorm 2
rosalinux 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0920-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for glibc (openSUSE-SU-2015:1387-1)
2015-08-15 00:00:00
Mageia: Security Advisory (MGASA-2014-0314)
2022-01-28 00:00:00
cvelist
cvelist
CVE-2014-4043
2014-10-06 23:00:00
f5
f5
SOL15546 - glibc vulnerability CVE-2014-4043
2014-09-04 00:00:00
nessus
nessus
SuSE 11.3 Security Update : glibc (SAT Patch Number 9477)
2014-07-20 00:00:00
openSUSE Security Update : glibc (openSUSE-2015-544)
2015-08-17 00:00:00
Mandriva Linux Security Advisory : glibc (MDVSA-2014:152)
2014-08-07 00:00:00
suse
suse
Security update for glibc (important)
2015-08-14 16:09:31
Security update for glibc (important)
2014-09-12 06:04:16
Security update for glibc (important)
2014-09-15 19:04:18
cve
cve
CVE-2014-4043
2014-10-06 23:55:08
prion
prion
Design/Logic Flaw
2014-10-06 23:55:00
nvd
nvd
CVE-2014-4043
2014-10-06 23:55:08
ubuntucve
ubuntucve
CVE-2014-4043
2014-06-13 00:00:00
securityvulns
securityvulns
glibc use-after-free
2014-08-11 00:00:00
[ MDVSA-2014:152 ] glibc
2014-08-11 00:00:00
GNU glibc multiple security vulnerabilities
2015-03-07 00:00:00
debiancve
debiancve
CVE-2014-4043
2014-10-06 23:55:08
mageia
mageia
Updated glibc packages fix security issues
2014-08-06 00:08:48
ubuntu
ubuntu
GNU C Library vulnerabilities
2014-08-04 00:00:00
GNU C Library regression
2014-09-08 00:00:00
GNU C Library regression
2014-08-05 00:00:00
osv
osv
eglibc - security update
2015-02-23 00:00:00
eglibc - security update
2015-03-06 00:00:00
debian
debian
[SECURITY] [DSA 3169-1] eglibc security update
2015-02-23 06:08:58
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:39:53
slackware
slackware
[slackware-security] glibc
2014-10-24 05:36:04
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
packetstorm
packetstorm
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00
WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials
2019-06-13 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21

7.5 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.7%

JSON
Related for F5:K15546
openvas19cvelist1f51nessus24suse3cve1prion1nvd1ubuntucve1securityvulns4debiancve1mageia1ubuntu3osv2debian2slackware1gentoo1packetstorm2rosalinux1