Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for klibc by klibc_project
CVE-2021-31870 (GCVE-0-2021-31870)
Vulnerability from cvelistv5 – Published: 2021-04-30 05:19 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31870",
"datePublished": "2021-04-30T05:19:13.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31872 (GCVE-0-2021-31872)
Vulnerability from cvelistv5 – Published: 2021-04-30 05:19 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:31.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31872",
"datePublished": "2021-04-30T05:19:04.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:31.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31871 (GCVE-0-2021-31871)
Vulnerability from cvelistv5 – Published: 2021-04-30 05:18 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31871",
"datePublished": "2021-04-30T05:18:52.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31873 (GCVE-0-2021-31873)
Vulnerability from cvelistv5 – Published: 2021-04-30 00:00 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T21:37:29.378Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
},
{
"url": "https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31873",
"datePublished": "2021-04-30T00:00:00.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1930 (GCVE-0-2011-1930)
Vulnerability from cvelistv5 – Published: 2019-11-14 02:01 – Updated: 2024-08-06 22:46
VLAI
Summary
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2011-1930 | x_refsource_MISC |
| http://security.gentoo.org/glsa/glsa-201309-21.xml | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/47924 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47924"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "klibc",
"vendor": "klibc",
"versions": [
{
"status": "affected",
"version": "1.5.20"
},
{
"status": "affected",
"version": "1.5.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T02:01:32.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/47924"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "klibc",
"version": {
"version_data": [
{
"version_value": "1.5.20"
},
{
"version_value": "1.5.21"
}
]
}
}
]
},
"vendor_name": "klibc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2011-1930",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"name": "https://access.redhat.com/security/cve/cve-2011-1930",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"name": "http://security.gentoo.org/glsa/glsa-201309-21.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/05/22/12",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"name": "http://www.securityfocus.com/bid/47924",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/47924"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1930",
"datePublished": "2019-11-14T02:01:32.000Z",
"dateReserved": "2011-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:46:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31870 (GCVE-0-2021-31870)
Vulnerability from nvd – Published: 2021-04-30 05:19 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31870",
"datePublished": "2021-04-30T05:19:13.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31872 (GCVE-0-2021-31872)
Vulnerability from nvd – Published: 2021-04-30 05:19 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:31.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31872",
"datePublished": "2021-04-30T05:19:04.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:31.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31871 (GCVE-0-2021-31871)
Vulnerability from nvd – Published: 2021-04-30 05:18 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://kernel.org/pub/linux/libs/klibc/2.0/ | x_refsource_MISC |
| https://lists.zytor.com/archives/klibc/2021-April… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/libs/klibc/klibc.g… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/04/30/1 | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T20:06:20.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kernel.org/pub/linux/libs/klibc/2.0/",
"refsource": "MISC",
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"name": "https://lists.zytor.com/archives/klibc/2021-April/004593.html",
"refsource": "MISC",
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"name": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31871",
"datePublished": "2021-04-30T05:18:52.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31873 (GCVE-0-2021-31873)
Vulnerability from nvd – Published: 2021-04-30 00:00 – Updated: 2024-08-03 23:10
VLAI
Summary
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:30.261Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-07T21:37:29.378Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://kernel.org/pub/linux/libs/klibc/2.0/"
},
{
"url": "https://lists.zytor.com/archives/klibc/2021-April/004593.html"
},
{
"url": "https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
},
{
"name": "[oss-security] 20210430 [ANNOUNCE] klibc 2.0.9",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/04/30/1"
},
{
"name": "[debian-lts-announce] 20210628 [SECURITY] [DLA 2695-1] klibc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00025.html"
},
{
"url": "https://github.com/huolinjue/klibc/commit/a31ae8c508fc8d1bca4f57e9f9f88127572d5202"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31873",
"datePublished": "2021-04-30T00:00:00.000Z",
"dateReserved": "2021-04-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:10:30.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1930 (GCVE-0-2011-1930)
Vulnerability from nvd – Published: 2019-11-14 02:01 – Updated: 2024-08-06 22:46
VLAI
Summary
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://security-tracker.debian.org/tracker/CVE-2… | x_refsource_MISC |
| https://access.redhat.com/security/cve/cve-2011-1930 | x_refsource_MISC |
| http://security.gentoo.org/glsa/glsa-201309-21.xml | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/47924 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:46:00.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47924"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "klibc",
"vendor": "klibc",
"versions": [
{
"status": "affected",
"version": "1.5.20"
},
{
"status": "affected",
"version": "1.5.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T02:01:32.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/47924"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "klibc",
"version": {
"version_data": [
{
"version_value": "1.5.20"
},
{
"version_value": "1.5.21"
}
]
}
}
]
},
"vendor_name": "klibc"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2011-1930",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1930"
},
{
"name": "https://access.redhat.com/security/cve/cve-2011-1930",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2011-1930"
},
{
"name": "http://security.gentoo.org/glsa/glsa-201309-21.xml",
"refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201309-21.xml"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/05/22/12",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/05/22/12"
},
{
"name": "http://www.securityfocus.com/bid/47924",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/47924"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1930",
"datePublished": "2019-11-14T02:01:32.000Z",
"dateReserved": "2011-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:46:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}