Lucene search
PRIOn knowledge basePRION:CVE-2019-19126HistoryNov 19, 2019 - 10:15 p.m.
Code injection
2019-11-1922:15:00
PRIOn knowledge base
www.prio-n.com
7
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 18.04 | |
| ubuntu_linux | eq | 19.10 | |
| ubuntu_linux | eq | 16.04 | |
| debian_linux | eq | 10.0 | |
| fedora | eq | 30 | |
| fedora | eq | 31 | |
| glibc | lt | 2.31 |
References
lists.debian.org/debian-lts-announce/2022/10/msg00021.html
lists.fedoraproject.org/archives/list/[email protected]/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/
lists.fedoraproject.org/archives/list/[email protected]/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/
sourceware.org/bugzilla/show_bug.cgi?id=25204
usn.ubuntu.com/4416-1/
Related
nessus
nessus
Scientific Linux Security Update : glibc on SL7.x x86_64 (20201001)
2020-10-21 00:00:00
SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2020:0262-1)
2020-01-31 00:00:00
Oracle Linux 7 : glibc (ELSA-2020-3861)
2023-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: glibc-2.29-28.fc30
2020-02-06 01:02:49
[SECURITY] Fedora 31 Update: glibc-2.30-10.fc31
2020-01-20 22:49:03
redhatcve
redhatcve
CVE-2019-19126
2019-11-20 17:37:39
ubuntucve
ubuntucve
CVE-2019-19126
2019-11-19 00:00:00
openvas
openvas
Fedora: Security Advisory for glibc (FEDORA-2020-1a3bdfde17)
2020-01-27 00:00:00
Fedora: Security Advisory for glibc (FEDORA-2020-c32e4b271c)
2020-02-06 00:00:00
Mageia: Security Advisory (MGASA-2019-0349)
2022-01-28 00:00:00
cvelist
cvelist
CVE-2019-19126
2019-11-19 00:00:00
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2020-05-05 00:00:00
glibc security, bug fix, and enhancement update
2020-10-06 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in GNU C Library (CVE-2019-19126)
2023-01-12 21:59:00
redhat
redhat
cbl_mariner
cbl_mariner
CVE-2019-19126 affecting package glibc 2.28-24
2020-11-30 19:30:47
veracode
veracode
Arbitrary Code Execution
2020-10-01 03:50:18
osv
osv
CVE-2019-19126
2019-11-19 22:15:11
glibc - security update
2022-10-17 00:00:00
centos
centos
glibc, nscd security update
2020-10-20 18:07:43
mageia
mageia
Updated glibc packages fix security vulnerability
2019-11-30 16:06:06
cve
cve
CVE-2019-19126
2019-11-19 22:15:11
nvd
nvd
CVE-2019-19126
2019-11-19 22:15:11
debiancve
debiancve
CVE-2019-19126
2019-11-19 22:15:11
amazon
amazon
f5
f5
photon
photon
Important Photon OS Security Update - PHSA-2020-3.0-0103
2020-06-12 00:00:00
Important Photon OS Security Update - PHSA-2020-0103
2020-06-12 00:00:00
cloudfoundry
cloudfoundry
USN-4416-1: GNU C Library vulnerabilities | Cloud Foundry
2020-08-27 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2020-07-06 00:00:00
debian
debian
[SECURITY] [DLA 3152-1] glibc security update
2022-10-17 15:54:41
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov