In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/107160 | Broken Link |
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 | Exploit Mailing List Vendor Advisory |
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 | Exploit Mailing List Vendor Advisory |
https://kc.mcafee.com/corporate/index?page=content&id=SB10278 | Third Party Advisory |
https://security.gentoo.org/glsa/202006-04 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20190315-0002/ | Patch Third Party Advisory |
https://sourceware.org/bugzilla/show_bug.cgi?id=24114 | Issue Tracking Patch Third Party Advisory |
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=583dd860d5b833037175247230a328f0050dbfe9 | |
https://support.f5.com/csp/article/K54823184 | Third Party Advisory |
https://usn.ubuntu.com/4416-1/ | Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Not Applicable |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
07 Nov 2023, 03:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 Jun 2022, 18:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* |
|
First Time |
Canonical
Mcafee web Gateway Mcafee Canonical ubuntu Linux |
|
References | (GENTOO) https://security.gentoo.org/glsa/202006-04 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4416-1/ - Third Party Advisory | |
References | (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10278 - Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Not Applicable | |
References | (BID) http://www.securityfocus.com/bid/107160 - Broken Link | |
References | (CONFIRM) https://support.f5.com/csp/article/K54823184 - Third Party Advisory |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-02-26 02:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-9169
Mitre link : CVE-2019-9169
CVE.ORG link : CVE-2019-9169
JSON object : View
Products Affected
netapp
- ontap_select_deploy_administration_utility
- cloud_backup
- steelstore_cloud_integrated_storage
gnu
- glibc
canonical
- ubuntu_linux
mcafee
- web_gateway
CWE
CWE-125
Out-of-bounds Read