VDB

GCVE-110-MAGEIA-2022-28

GCVE-110-MAGEIA-2022-28
Advisory Published
Vulnetix · Advisory published January 23, 2022
Updated glibc packages fix security vulnerabilities: The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution (CVE-2022-23218). The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution (CVE-2022-23219).

Affected Products

VendorProductVersionsPlatforms
Mageiaglibc0 (affected), 2.32-23.mga8 (unaffected), 0 (affected), 2.32-23.mga8 (unaffected)
Mageiagcompris-qt0 (affected), 2.3-1.mga8 (unaffected)

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›