In glibc 2.26 and previous versions there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu glibc |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux server tus 7.6 |
||
redhat virtualization host 4.0 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux workstation 7.0 |