DEBIAN-CVE-2019-1010025

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2019-1010025
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-1010025.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2019-1010025
Upstream
Published
2019-07-15T04:15:13.537Z
Modified
2026-03-17T02:45:38.340199Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

References

Affected packages

Debian:11 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.31-13
2.31-13+deb11u1
2.31-13+deb11u2
2.31-13+deb11u3
2.31-13+deb11u4
2.31-13+deb11u5
2.31-13+deb11u6
2.31-13+deb11u7
2.31-13+deb11u8
2.31-13+deb11u9
2.31-13+deb11u10
2.31-13+deb11u11
2.31-13+deb11u12
2.31-13+deb11u13
2.31-13+hurd.1
2.31-13+hurd.2
2.31-13+hurd.3
2.31-13+qemu
2.31-14
2.31-15
2.31-16
2.31-17~0
2.31-17
2.31-18~0
2.32-0experimental0
2.32-0experimental1
2.32-1
2.32-2
2.32-2+qemu
2.32-3
2.32-4
2.32-5
2.33-0experimental0
2.33-0experimental1
2.33-0experimental2
2.33-0experimental3
2.33-1
2.33-1+qemu
2.33-2~0
2.33-2~1
2.33-2~2
2.33-2~3
2.33-2
2.33-2+qemu
2.33-2+qemu1
2.33-3~0
2.33-3
2.33-4
2.33-5
2.33-6
2.33-7
2.33-8~0
2.33-8
2.34-0experimental0
2.34-0experimental1
2.34-0experimental2
2.34-0experimental3
2.34-0experimental4
2.34-0experimental5
2.34-1
2.34-2
2.34-3
2.34-4
2.34-5~0
2.34-5
2.34-6
2.34-7
2.34-7+qemu
2.34-8~0
2.34-8
2.34-9~0
2.35-0experimental0
2.35-0experimental1
2.35-0experimental2
2.35-0experimental3
2.35-0experimental3+qemu
2.35-1
2.35-1+sparc64
2.35-2
2.35-3
2.35-4
2.36-1
2.36-2
2.36-3
2.36-4
2.36-4+ports
2.36-5
2.36-6
2.36-7~0
2.36-7~1
2.36-7
2.36-8
2.36-8+alpha1
2.36-9~1
2.36-9~2
2.36-9~3
2.36-9
2.36-9+loong64
2.36-10~0
2.37-1
2.37-2
2.37-3
2.37-4
2.37-5
2.37-6
2.37-7
2.37-8
2.37-9
2.37-10
2.37-11
2.37-12
2.37-13
2.37-14
2.37-15~deb13u1
2.37-15
2.37-15.1
2.37-15.1+sh4
2.37-16
2.37-17
2.37-18
2.37-19
2.38-1
2.38-2
2.38-3
2.38-4
2.38-5
2.38-6
2.38-7~0+hurd.1
2.38-7
2.38-8
2.38-9
2.38-10
2.38-11
2.38-12
2.38-12.1
2.38-13
2.38-14
2.38-15~0
2.38-15~1
2.39-1
2.39-2
2.39-3
2.39-3.1
2.39-4
2.39-5
2.39-6
2.39-6+hurd.1
2.39-6+sh4
2.39-7~0
2.39-7
2.39-7+sh4
2.39-8~0
2.40-1
2.40-2
2.40-2+sh4
2.40-3
2.40-3+sh4
2.40-4
2.40-5~hurd.1
2.40-5
2.40-6~1
2.40-6
2.40-7
2.41-1
2.41-2
2.41-3
2.41-4~0
2.41-4
2.41-5~0
2.41-5
2.41-6
2.41-7
2.41-8~0
2.41-8~1
2.41-8
2.41-9~0
2.41-9~1
2.41-9
2.41-10
2.41-11
2.41-12
2.41-13~hurd.0
2.41-13~hurd.1
2.42-1
2.42-2
2.42-3
2.42-4
2.42-5
2.42-6
2.42-7
2.42-8~hurd.1
2.42-8~hurd.2
2.42-8
2.42-9
2.42-10
2.42-11
2.42-12~hurd.1
2.42-12
2.42-13
2.42-14~hurd.1
2.43-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-1010025.json"

Debian:12 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.36-9
2.36-9+deb12u1
2.36-9+deb12u2
2.36-9+deb12u3
2.36-9+deb12u4
2.36-9+deb12u5
2.36-9+deb12u6
2.36-9+deb12u7
2.36-9+deb12u8
2.36-9+deb12u9
2.36-9+deb12u10
2.36-9+deb12u11
2.36-9+deb12u12
2.36-9+deb12u13
2.36-9+loong64
2.36-10~0
2.37-1
2.37-2
2.37-3
2.37-4
2.37-5
2.37-6
2.37-7
2.37-8
2.37-9
2.37-10
2.37-11
2.37-12
2.37-13
2.37-14
2.37-15~deb13u1
2.37-15
2.37-15.1
2.37-15.1+sh4
2.37-16
2.37-17
2.37-18
2.37-19
2.38-1
2.38-2
2.38-3
2.38-4
2.38-5
2.38-6
2.38-7~0+hurd.1
2.38-7
2.38-8
2.38-9
2.38-10
2.38-11
2.38-12
2.38-12.1
2.38-13
2.38-14
2.38-15~0
2.38-15~1
2.39-1
2.39-2
2.39-3
2.39-3.1
2.39-4
2.39-5
2.39-6
2.39-6+hurd.1
2.39-6+sh4
2.39-7~0
2.39-7
2.39-7+sh4
2.39-8~0
2.40-1
2.40-2
2.40-2+sh4
2.40-3
2.40-3+sh4
2.40-4
2.40-5~hurd.1
2.40-5
2.40-6~1
2.40-6
2.40-7
2.41-1
2.41-2
2.41-3
2.41-4~0
2.41-4
2.41-5~0
2.41-5
2.41-6
2.41-7
2.41-8~0
2.41-8~1
2.41-8
2.41-9~0
2.41-9~1
2.41-9
2.41-10
2.41-11
2.41-12
2.41-13~hurd.0
2.41-13~hurd.1
2.42-1
2.42-2
2.42-3
2.42-4
2.42-5
2.42-6
2.42-7
2.42-8~hurd.1
2.42-8~hurd.2
2.42-8
2.42-9
2.42-10
2.42-11
2.42-12~hurd.1
2.42-12
2.42-13
2.42-14~hurd.1
2.43-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-1010025.json"

Debian:13 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.41-12
2.41-12+deb13u1
2.41-12+deb13u2
2.41-13~hurd.0
2.41-13~hurd.1
2.42-1
2.42-2
2.42-3
2.42-4
2.42-5
2.42-6
2.42-7
2.42-8~hurd.1
2.42-8~hurd.2
2.42-8
2.42-9
2.42-10
2.42-11
2.42-12~hurd.1
2.42-12
2.42-13
2.42-14~hurd.1
2.43-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-1010025.json"

Debian:14 / glibc

Package

Name
glibc
Purl
pkg:deb/debian/glibc?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.41-12
2.41-13~hurd.0
2.41-13~hurd.1
2.42-1
2.42-2
2.42-3
2.42-4
2.42-5
2.42-6
2.42-7
2.42-8~hurd.1
2.42-8~hurd.2
2.42-8
2.42-9
2.42-10
2.42-11
2.42-12~hurd.1
2.42-12
2.42-13
2.42-14~hurd.1
2.43-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2019-1010025.json"