Revision history [back]
 | 1 | initial version | posted 2019-07-24 15:05:09 +0200  |
heap-based buffer over-read in glibc CVE-2019-9169 critical remote
(MER#2047)
https://nvd.nist.gov/vuln/detail/CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. CVSS3_base_score: 9.8 critical
This CVE and CVE-2019-6488 CVE-2016-10739 CVE-2019-7309 and CVE-2018-19591 should be fixed through update glibc-2.28 vanilla to debian-glibc-2.28-10 .
| | 2 | No.2 Revision |
heap-based buffer over-read in glibc CVE-2019-9169 critical remote
(MER#2047)(MER#2047)
https://nvd.nist.gov/vuln/detail/CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. CVSS3_base_score: 9.8 critical
This CVE and CVE-2019-6488 CVE-2016-10739 CVE-2019-7309 and CVE-2018-19591 should be fixed through update glibc-2.28 vanilla to debian-glibc-2.28-10 .
| | 3 | No.3 Revision |
heap-based buffer over-read in glibc CVE-2019-9169 critical remote
(MER#2047)
https://nvd.nist.gov/vuln/detail/CVE-2019-9169
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. CVSS3_base_score: 9.8 critical
This CVE and CVE-2019-6488 CVE-2016-10739 CVE-2016-10739 CVE-2019-7309 and CVE-2018-19591 should be fixed through update glibc-2.28 vanilla to debian-glibc-2.28-10 .