stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
| Vulnerable Product |
|---|
| gnu glibc |
| redhat enterprise linux desktop 7.0 |
| redhat enterprise linux workstation 7.0 |
| redhat enterprise linux server 7.0 |
| redhat virtualization host 4.0 |
| oracle enterprise communications broker 3.0.0 |
| oracle enterprise communications broker 3.1.0 |
| oracle communications session border controller 8.1.0 |
| oracle communications session border controller 8.2.0 |
| oracle communications session border controller 8.0.0 |
| netapp data ontap edge - |
| netapp element software management - |