SUSE-SU-2020:0832-1 -- SLES glibc, nscdID: oval:org.secpod.oval:def:89000229 | Date: (C)2021-02-19 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution . - CVE-2020-1751: Fixed an array overflow in backtrace for PowerPC . - CVE-2020-10029: Fixed a stack buffer overflow during range reduction . - Use "posix_spawn" on popen preventing crash caused by "subprocess". - Fix handling of needles crossing a page, preventing incorrect results to return during the cross page boundary search
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |