CVE-2019-1010025

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-1010025

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010025.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-1010025

Related

CGA-95xj-hfwv-q3mc

Withdrawn

2020-11-16T19:48:53Z

Published

2019-07-15T04:15:13Z

Modified

2025-01-14T06:49:21.456689Z

Downstream

MINI-4hjr-3rw9-p262

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

References

Affected packages

Debian:11 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.31-13

2.31-13+deb11u1

2.31-13+deb11u2

2.31-13+deb11u3

2.31-13+deb11u4

2.31-13+deb11u5

2.31-13+deb11u6

2.31-13+deb11u7

2.31-13+deb11u8

2.31-13+deb11u9

2.31-13+deb11u10

2.31-13+deb11u11

2.31-13+hurd.1

2.31-13+hurd.2

2.31-13+hurd.3

2.31-13+qemu

2.31-14

2.31-15

2.31-16

2.31-17~0

2.31-17

2.31-18~0

2.32-0experimental0

2.32-0experimental1

2.32-1

2.32-2

2.32-2+qemu

2.32-3

2.32-4

2.32-5

2.33-0experimental0

2.33-0experimental1

2.33-0experimental2

2.33-0experimental3

2.33-1

2.33-1+qemu

2.33-2~0

2.33-2~1

2.33-2~2

2.33-2~3

2.33-2

2.33-2+qemu

2.33-2+qemu1

2.33-3~0

2.33-3

2.33-4

2.33-5

2.33-6

2.33-7

2.33-8~0

2.33-8

2.34-0experimental0

2.34-0experimental1

2.34-0experimental2

2.34-0experimental3

2.34-0experimental4

2.34-0experimental5

2.34-1

2.34-2

2.34-3

2.34-4

2.34-5~0

2.34-5

2.34-6

2.34-7

2.34-7+qemu

2.34-8~0

2.34-8

2.34-9~0

2.35-0experimental0

2.35-0experimental1

2.35-0experimental2

2.35-0experimental3

2.35-0experimental3+qemu

2.35-1

2.35-1+sparc64

2.35-2

2.35-3

2.35-4

2.36-1

2.36-2

2.36-3

2.36-4

2.36-4+ports

2.36-5

2.36-6

2.36-7~0

2.36-7~1

2.36-7

2.36-8

2.36-8+alpha1

2.36-9~1

2.36-9~2

2.36-9~3

2.36-9

2.36-9+loong64

2.36-10~0

2.37-1

2.37-2

2.37-3

2.37-4

2.37-5

2.37-6

2.37-7

2.37-8

2.37-9

2.37-10

2.37-11

2.37-12

2.37-13

2.37-14

2.37-15~deb13u1

2.37-15

2.37-15.1

2.37-15.1+sh4

2.37-16

2.37-17

2.37-18

2.37-19

2.38-1

2.38-2

2.38-3

2.38-4

2.38-5

2.38-6

2.38-7~0+hurd.1

2.38-7

2.38-8

2.38-9

2.38-10

2.38-11

2.38-12

2.38-12.1

2.38-13

2.38-14

2.38-15~0

2.38-15~1

2.39-1

2.39-2

2.39-3

2.39-3.1

2.39-4

2.39-5

2.39-6

2.39-6+hurd.1

2.39-6+sh4

2.39-7~0

2.39-7

2.39-7+sh4

2.39-8~0

2.40-1

2.40-2

2.40-2+sh4

2.40-3

2.40-3+sh4

2.40-4

2.40-5~hurd.1

2.40-5

2.40-6~1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.36-9

2.36-9+deb12u1

2.36-9+deb12u2

2.36-9+deb12u3

2.36-9+deb12u4

2.36-9+deb12u5

2.36-9+deb12u6

2.36-9+deb12u7

2.36-9+deb12u8

2.36-9+deb12u9

2.36-9+loong64

2.36-10~0

2.37-1

2.37-2

2.37-3

2.37-4

2.37-5

2.37-6

2.37-7

2.37-8

2.37-9

2.37-10

2.37-11

2.37-12

2.37-13

2.37-14

2.37-15~deb13u1

2.37-15

2.37-15.1

2.37-15.1+sh4

2.37-16

2.37-17

2.37-18

2.37-19

2.38-1

2.38-2

2.38-3

2.38-4

2.38-5

2.38-6

2.38-7~0+hurd.1

2.38-7

2.38-8

2.38-9

2.38-10

2.38-11

2.38-12

2.38-12.1

2.38-13

2.38-14

2.38-15~0

2.38-15~1

2.39-1

2.39-2

2.39-3

2.39-3.1

2.39-4

2.39-5

2.39-6

2.39-6+hurd.1

2.39-6+sh4

2.39-7~0

2.39-7

2.39-7+sh4

2.39-8~0

2.40-1

2.40-2

2.40-2+sh4

2.40-3

2.40-3+sh4

2.40-4

2.40-5~hurd.1

2.40-5

2.40-6~1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / glibc

Package

Name: glibc
Purl: pkg:deb/debian/glibc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.36-9

2.36-9+loong64

2.36-10~0

2.37-1

2.37-2

2.37-3

2.37-4

2.37-5

2.37-6

2.37-7

2.37-8

2.37-9

2.37-10

2.37-11

2.37-12

2.37-13

2.37-14

2.37-15~deb13u1

2.37-15

2.37-15.1

2.37-15.1+sh4

2.37-16

2.37-17

2.37-18

2.37-19

2.38-1

2.38-2

2.38-3

2.38-4

2.38-5

2.38-6

2.38-7~0+hurd.1

2.38-7

2.38-8

2.38-9

2.38-10

2.38-11

2.38-12

2.38-12.1

2.38-13

2.38-14

2.38-15~0

2.38-15~1

2.39-1

2.39-2

2.39-3

2.39-3.1

2.39-4

2.39-5

2.39-6

2.39-6+hurd.1

2.39-6+sh4

2.39-7~0

2.39-7

2.39-7+sh4

2.39-8~0

2.40-1

2.40-2

2.40-2+sh4

2.40-3

2.40-3+sh4

2.40-4

2.40-5~hurd.1

2.40-5

2.40-6~1

Ecosystem specific

{
    "urgency": "unimportant"
}