Uclibc-ng_project Uclibc-ng

7 CVEs affecting Uclibc-ng_project Uclibc-ng. Latest disclosed: 2022-09-29. Critical: 2, High: 4.

Top CVEs affecting Uclibc-ng_project Uclibc-ng
CVESeverityScorePublishedSummary
CVE-2022-29503Critical9.82022-09-29A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to me…
CVE-2021-43523Critical9.62021-11-10In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethost…
CVE-2016-2225High7.52017-03-24The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a c…
CVE-2016-2224High7.52017-03-24The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vector…
CVE-2016-6264High7.52017-01-27Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent attackers to cause a denial of service (cra…
CVE-2021-27419High7.32022-05-03uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memo…
CVE-2022-30295Medium6.52022-05-06uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a…