Out-of-bounds read In glibc
Description
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version |
|---|---|---|
 debian 12 | =2.36-10~0 || =2.36-9 || =2.36-9+deb12u1 || =2.36-9+deb12u10 || =2.36-9+deb12u11 || =2.36-9+deb12u12 || =2.36-9+deb12u13 || =2.36-9+deb12u2 || =2.36-9+deb12u3 || =2.36-9+deb12u4 || =2.36-9+deb12u5 || =2.36-9+deb12u6 || =2.36-9+deb12u7 || =2.36-9+deb12u8 || =2.36-9+deb12u9 || =2.36-9+loong64 || =2.37-1 || =2.37-10 || =2.37-11 || =2.37-12 || =2.37-13 || =2.37-14 || =2.37-15 || =2.37-15.1 || =2.37-15.1+sh4 || =2.37-15~deb13u1 || =2.37-16 || =2.37-17 || =2.37-18 || =2.37-19 || =2.37-2 || =2.37-3 || =2.37-4 || =2.37-5 || =2.37-6 || =2.37-7 || =2.37-8 || =2.37-9 || =2.38-1 || =2.38-10 || =2.38-11 || =2.38-12 || =2.38-12.1 || =2.38-13 || =2.38-14 || =2.38-15~0 || =2.38-15~1 || =2.38-2 || =2.38-3 || =2.38-4 || =2.38-5 || =2.38-6 || =2.38-7 || =2.38-7~0+hurd.1 || =2.38-8 || =2.38-9 || =2.39-1 || =2.39-2 || =2.39-3 || =2.39-3.1 || =2.39-4 || =2.39-5 || =2.39-6 || =2.39-6+hurd.1 || =2.39-6+sh4 || =2.39-7 || =2.39-7+sh4 || =2.39-7~0 || =2.39-8~0 || =2.40-1 || =2.40-2 || =2.40-2+sh4 || =2.40-3 || =2.40-3+sh4 || =2.40-4 || =2.40-5 || =2.40-5~hurd.1 || =2.40-6 || =2.40-6~1 || =2.40-7 || =2.41-1 || =2.41-10 || =2.41-11 || =2.41-12 || =2.41-13~hurd.0 || =2.41-13~hurd.1 || =2.41-2 || =2.41-3 || =2.41-4 || =2.41-4~0 || =2.41-5 || =2.41-5~0 || =2.41-6 || =2.41-7 || =2.41-8 || =2.41-8~0 || =2.41-8~1 || =2.41-9 || =2.41-9~0 || =2.41-9~1 || =2.42-1 || =2.42-10 || =2.42-11 || =2.42-12 || =2.42-12~hurd.1 || =2.42-13 || =2.42-14 || =2.42-14~hurd.1 || =2.42-15 || =2.42-15~hurd.1 || =2.42-2 || =2.42-3 || =2.42-4 || =2.42-5 || =2.42-6 || =2.42-7 || =2.42-8 || =2.42-8~hurd.1 || =2.42-8~hurd.2 || =2.42-9 || =2.43-1 || =2.43-2 | |
 rpm rhel6 | - | |
rpm rhel7 | - | |
rpm rhel10 | - | |
debian 11 | =2.31-13 || =2.31-13+deb11u1 || =2.31-13+deb11u10 || =2.31-13+deb11u11 || =2.31-13+deb11u12 || =2.31-13+deb11u13 || =2.31-13+deb11u2 || =2.31-13+deb11u3 || =2.31-13+deb11u4 || =2.31-13+deb11u5 || =2.31-13+deb11u6 || =2.31-13+deb11u7 || =2.31-13+deb11u8 || =2.31-13+deb11u9 || =2.31-13+hurd.1 || =2.31-13+hurd.2 || =2.31-13+hurd.3 || =2.31-13+qemu || =2.31-14 || =2.31-15 || =2.31-16 || =2.31-17 || =2.31-17~0 || =2.31-18~0 || =2.32-0experimental0 || =2.32-0experimental1 || =2.32-1 || =2.32-2 || =2.32-2+qemu || =2.32-3 || =2.32-4 || =2.32-5 || =2.33-0experimental0 || =2.33-0experimental1 || =2.33-0experimental2 || =2.33-0experimental3 || =2.33-1 || =2.33-1+qemu || =2.33-2 || =2.33-2+qemu || =2.33-2+qemu1 || =2.33-2~0 || =2.33-2~1 || =2.33-2~2 || =2.33-2~3 || =2.33-3 || =2.33-3~0 || =2.33-4 || =2.33-5 || =2.33-6 || =2.33-7 || =2.33-8 || =2.33-8~0 || =2.34-0experimental0 || =2.34-0experimental1 || =2.34-0experimental2 || =2.34-0experimental3 || =2.34-0experimental4 || =2.34-0experimental5 || =2.34-1 || =2.34-2 || =2.34-3 || =2.34-4 || =2.34-5 || =2.34-5~0 || =2.34-6 || =2.34-7 || =2.34-7+qemu || =2.34-8 || =2.34-8~0 || =2.34-9~0 || =2.35-0experimental0 || =2.35-0experimental1 || =2.35-0experimental2 || =2.35-0experimental3 || =2.35-0experimental3+qemu || =2.35-1 || =2.35-1+sparc64 || =2.35-2 || =2.35-3 || =2.35-4 || =2.36-1 || =2.36-10~0 || =2.36-2 || =2.36-3 || =2.36-4 || =2.36-4+ports || =2.36-5 || =2.36-6 || =2.36-7 || =2.36-7~0 || =2.36-7~1 || =2.36-8 || =2.36-8+alpha1 || =2.36-9 || =2.36-9+loong64 || =2.36-9~1 || =2.36-9~2 || =2.36-9~3 || =2.37-1 || =2.37-10 || =2.37-11 || =2.37-12 || =2.37-13 || =2.37-14 || =2.37-15 || =2.37-15.1 || =2.37-15.1+sh4 || =2.37-15~deb13u1 || =2.37-16 || =2.37-17 || =2.37-18 || =2.37-19 || =2.37-2 || =2.37-3 || =2.37-4 || =2.37-5 || =2.37-6 || =2.37-7 || =2.37-8 || =2.37-9 || =2.38-1 || =2.38-10 || =2.38-11 || =2.38-12 || =2.38-12.1 || =2.38-13 || =2.38-14 || =2.38-15~0 || =2.38-15~1 || =2.38-2 || =2.38-3 || =2.38-4 || =2.38-5 || =2.38-6 || =2.38-7 || =2.38-7~0+hurd.1 || =2.38-8 || =2.38-9 || =2.39-1 || =2.39-2 || =2.39-3 || =2.39-3.1 || =2.39-4 || =2.39-5 || =2.39-6 || =2.39-6+hurd.1 || =2.39-6+sh4 || =2.39-7 || =2.39-7+sh4 || =2.39-7~0 || =2.39-8~0 || =2.40-1 || =2.40-2 || =2.40-2+sh4 || =2.40-3 || =2.40-3+sh4 || =2.40-4 || =2.40-5 || =2.40-5~hurd.1 || =2.40-6 || =2.40-6~1 || =2.40-7 || =2.41-1 || =2.41-10 || =2.41-11 || =2.41-12 || =2.41-13~hurd.0 || =2.41-13~hurd.1 || =2.41-2 || =2.41-3 || =2.41-4 || =2.41-4~0 || =2.41-5 || =2.41-5~0 || =2.41-6 || =2.41-7 || =2.41-8 || =2.41-8~0 || =2.41-8~1 || =2.41-9 || =2.41-9~0 || =2.41-9~1 || =2.42-1 || =2.42-10 || =2.42-11 || =2.42-12 || =2.42-12~hurd.1 || =2.42-13 || =2.42-14 || =2.42-14~hurd.1 || =2.42-15 || =2.42-15~hurd.1 || =2.42-2 || =2.42-3 || =2.42-4 || =2.42-5 || =2.42-6 || =2.42-7 || =2.42-8 || =2.42-8~hurd.1 || =2.42-8~hurd.2 || =2.42-9 || =2.43-1 || =2.43-2 | |
debian 13 | =2.41-12 || =2.41-12+deb13u1 || =2.41-12+deb13u2 || =2.41-13~hurd.0 || =2.41-13~hurd.1 || =2.42-1 || =2.42-10 || =2.42-11 || =2.42-12 || =2.42-12~hurd.1 || =2.42-13 || =2.42-14 || =2.42-14~hurd.1 || =2.42-15 || =2.42-15~hurd.1 || =2.42-2 || =2.42-3 || =2.42-4 || =2.42-5 || =2.42-6 || =2.42-7 || =2.42-8 || =2.42-8~hurd.1 || =2.42-8~hurd.2 || =2.42-9 || =2.43-1 || =2.43-2 | |
debian 14 | =2.41-12 || =2.41-13~hurd.0 || =2.41-13~hurd.1 || =2.42-1 || =2.42-10 || =2.42-11 || =2.42-12 || =2.42-12~hurd.1 || =2.42-13 || =2.42-14 || =2.42-14~hurd.1 || =2.42-15 || =2.42-15~hurd.1 || =2.42-2 || =2.42-3 || =2.42-4 || =2.42-5 || =2.42-6 || =2.42-7 || =2.42-8 || =2.42-8~hurd.1 || =2.42-8~hurd.2 || =2.42-9 || =2.43-1 || =2.43-2 | |
rpm rhel6 | - | |
rpm rhel7 | - | |
rpm rhel8 | - |
1-10 of 11
10
Does your application use this vulnerable software?
During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.