AVG-1621 - glibc - Arch Linux
AVG-1621 log
| Package | glibc |
| Status | Vulnerable |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2.33-5 |
| Fixed | Unknown |
| Current | 2.33-5 [core] |
| Ticket | Create |
| Created | Wed Feb 24 17:50:39 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-35942 | Medium | Yes | Information disclosure | The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with... |
| CVE-2021-33574 | Low | No | Arbitrary code execution | The mq_notify function in the GNU C Library (aka glibc) through 2.33 has a use-after-free. It may use the notification thread attributes object (passed... |
| CVE-2021-27645 | Low | Yes | Denial of service | The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash... |