Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2021:1585
HistoryMay 18, 2021 - 5:35 a.m.

Moderate: glibc security, bug fix, and enhancement update

2021-05-1805:35:07
Google
osv.dev
10

9.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.1%

JSON

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

  • glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013)

  • glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (CVE-2019-9169)

  • glibc: assertion failure in ISO-2022-JP-3 gconv module related to combining characters (CVE-2021-3326)

  • glibc: iconv program can hang when invoked with the -c option (CVE-2016-10228)

  • glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (CVE-2020-27618)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

nessus 63
oraclelinux 3
redhat 1
almalinux 1
osv 7
rocky 1
openvas 35
ubuntu 2
nvd 5
cve 5
archlinux 3
amazon 4
ubuntucve 5
cvelist 5
f5 5
debiancve 5
prion 5
gentoo 1
suse 2
mageia 2
photon 10
fedora 2
ibm 6
redhatcve 5
cloudfoundry 1
veracode 4
attackerkb 1
redos 4
cbl_mariner 4
debian 1
altlinux 1
nessus
nessus
Rocky Linux 8 : glibc (RLSA-2021:1585)
2023-11-07 00:00:00
Oracle Linux 8 : glibc (ELSA-2021-9344)
2021-11-05 00:00:00
RHEL 8 : glibc (RHSA-2021:1585)
2021-05-19 00:00:00
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2021-05-25 00:00:00
glibc security update
2021-06-04 00:00:00
glibc security update
2021-07-02 00:00:00
redhat
redhat
(RHSA-2021:1585) Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
almalinux
almalinux
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
osv
osv
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
glibc vulnerabilities
2022-12-08 13:17:39
CVE-2020-27618
2021-02-26 23:15:11
rocky
rocky
glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2136)
2021-07-07 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1899)
2021-05-19 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-2374)
2021-09-15 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2022-12-08 00:00:00
GNU C Library vulnerabilities
2022-03-01 00:00:00
nvd
nvd
CVE-2020-27618
2021-02-26 23:15:11
CVE-2016-10228
2017-03-02 01:59:00
CVE-2019-9169
2019-02-26 02:29:00
cve
cve
CVE-2020-27618
2021-02-26 23:15:11
CVE-2016-10228
2017-03-02 01:59:00
CVE-2019-9169
2019-02-26 02:29:00
archlinux
archlinux
[ASA-202102-17] glibc: denial of service
2021-02-07 00:00:00
[ASA-202102-16] lib32-glibc: denial of service
2021-02-07 00:00:00
[ASA-201911-3] glibc: information disclosure
2019-11-03 00:00:00
amazon
amazon
Medium: glibc
2021-06-16 20:37:00
Important: glibc
2021-02-19 01:17:00
Important: glibc
2021-02-17 18:03:00
ubuntucve
ubuntucve
CVE-2020-27618
2021-02-26 00:00:00
CVE-2016-10228
2017-03-02 00:00:00
CVE-2019-9169
2019-02-26 00:00:00
cvelist
cvelist
CVE-2020-27618
2021-02-26 00:00:00
CVE-2016-10228
2017-03-02 00:00:00
CVE-2019-9169
2019-02-26 02:00:00
f5
f5
K08641512 : glibc vulnerability CVE-2020-27618
2021-07-13 00:00:00
K54823184 : glibc vulnerability CVE-2019-9169
2019-04-16 00:00:00
K52494142: GNU C Library (glibc) vulnerability CVE-2016-10228
2021-07-02 00:00:00
debiancve
debiancve
CVE-2020-27618
2021-02-26 23:15:11
CVE-2019-9169
2019-02-26 02:29:00
CVE-2016-10228
2017-03-02 01:59:00
prion
prion
Input validation
2021-02-26 23:15:00
Input validation
2017-03-02 01:59:00
Heap overflow
2019-02-26 02:29:00
gentoo
gentoo
glibc: Multiple vulnerabilities
2021-07-06 00:00:00
suse
suse
Security update for glibc (important)
2021-02-28 00:00:00
Security update for glibc (moderate)
2021-12-10 00:00:00
mageia
mageia
Updated glibc packages fixes security vulnerabilities
2021-03-21 13:43:43
Updated glibc packages fix a security vulnerability
2021-06-29 00:16:35
photon
photon
Important Photon OS Security Update - PHSA-2021-0005
2021-03-16 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0005
2021-03-16 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0215
2019-03-14 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: glibc-2.31-5.fc32
2021-01-20 01:28:29
[SECURITY] Fedora 33 Update: glibc-2.32-3.fc33
2021-01-18 01:35:42
ibm
ibm
Security Bulletin: Vulnerability in glibc affects Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2016-10228)
2019-01-31 02:25:02
Security Bulletin: A vulnerability in glibc impacts IBM Watson™ Speech Services
2021-08-09 14:37:14
Security Bulletin: glibc vulnerability affects IBM Elastic Storage System (CVE-2020-27618)
2021-07-30 05:03:45
redhatcve
redhatcve
CVE-2016-10228
2017-03-02 09:18:08
CVE-2019-9169
2019-02-28 10:49:37
CVE-2020-27618
2020-11-02 12:26:42
cloudfoundry
cloudfoundry
USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry
2023-05-18 00:00:00
veracode
veracode
Arbitrary Code Execution
2021-05-24 00:37:54
Denial Of Service (DoS)
2021-05-24 00:38:07
Buffer Overflow
2021-02-05 03:21:05
attackerkb
attackerkb
CVE-2019-9169
2019-02-26 00:00:00
redos
redos
ROS-20231020-10
2023-10-20 00:00:00
ROS-20230420-02
2023-04-20 00:00:00
ROS-2-796
2021-09-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27618 affecting package glibc 2.28-24
2021-05-06 23:56:55
CVE-2019-9169 affecting package glibc 2.28-24
2020-10-08 18:09:54
CVE-2019-25013 affecting package glibc 2.28-24
2021-01-29 07:39:27
debian
debian
[SECURITY] [DLA 3152-1] glibc security update
2022-10-17 15:54:41
altlinux
altlinux
Security fix for the ALT Linux 9 package glibc version 6:2.27-alt14
2021-09-23 00:00:00

9.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

89.1%

JSON
Related for OSV:ALSA-2021:1585
nessus63oraclelinux3redhat1almalinux1osv7rocky1openvas35ubuntu2nvd5cve5archlinux3amazon4ubuntucve5cvelist5f55debiancve5prion5gentoo1suse2mageia2photon10fedora2ibm6redhatcve5cloudfoundry1veracode4attackerkb1redos4cbl_mariner4debian1altlinux1