{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-09T19:06:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"}, {"name": "104255", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104255"}, {"tags": ["x_refsource_MISC"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"}, {"name": "RHSA-2018:3092", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3092"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "RHBA-2019:0327", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2019:0327"}, {"name": "USN-4416-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4416-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-11236", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2", "refsource": "MISC", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5460617d1567657621107d895ee2dd83bc1f88f2"}, {"name": "104255", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104255"}, {"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"}, {"name": "RHSA-2018:3092", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3092"}, {"name": "https://security.netapp.com/advisory/ntap-20190329-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"name": "https://security.netapp.com/advisory/ntap-20190401-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "RHBA-2019:0327", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0327"}, {"name": "USN-4416-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4416-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T08:01:52.793Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"}, {"name": "104255", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104255"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"}, {"name": "RHSA-2018:3092", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3092"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "RHBA-2019:0327", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2019:0327"}, {"name": "USN-4416-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4416-1/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-11236", "datePublished": "2018-05-18T16:00:00", "dateReserved": "2018-05-18T00:00:00", "dateUpdated": "2024-08-05T08:01:52.793Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9D63BD8-48E5-437B-AD45-F7EE4AD52EE0", "versionEndIncluding": "2.27", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D4AF039-F3B6-45EB-A87E-8BCCF822AE23", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "404A4EE8-6572-4B35-8C6A-A3CB8F1308A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "17C9CFFB-0F3A-4E59-B6C9-9C8A20BB9B91", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E11C65C3-1B17-4362-A99C-59583081A24D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:element_software_management:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E63EEA7-05AB-4B1C-9061-AF357566DCDA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."}, {"lang": "es", "value": "stdlib/canonicalize.c en GNU C Library (tambi\u00e9n conocida como glibc o libc6), en versiones 2.27 y anteriores, al procesar argumentos con un nombre de ruta muy largo en la funci\u00f3n realpath, podr\u00eda encontrarse con un desbordamiento de enteros en arquitecturas de 32 bits. Esto podr\u00eda desembocar en un desbordamiento de b\u00fafer basado en pila y en una potencial ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2018-11236", "lastModified": "2023-11-07T02:51:38.817", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-18T16:29:00.353", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104255"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHBA-2019:0327"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3092"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://security.netapp.com/advisory/ntap-20190329-0001/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20190401-0001/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22786"}, {"source": "cve@mitre.org", "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4416-1/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:3092", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "glibc-0:2.17-260.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-10-30T00:00:00Z"}], "bugzilla": {"description": "glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow", "id": "1581269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581269"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190->CWE-121", "details": ["stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution."], "name": "CVE-2018-11236", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "compat-glibc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "glibc", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-02-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-11236\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-11236"], "statement": "Red Hat Product Security has rated this issue as having moderate security impact and a future update may address this flaw.", "threat_severity": "Moderate", "upstream_fix": "glibc 2.28"}