SUSE-SU-2019:1877-1
Advisory lineage Upstream: 2 Downstream: 0
Upstream
Published: 18 Jul 2019, 09:32
Last modified:04 Feb 2026, 02:39
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
18 Jul 2019, 09:32
Published
Vulnerability first disclosed
04 Feb 2026, 02:39
Last Modified
Vulnerability information updated
Description
Security update for glibc This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308). - CVE-2009-5155: Fixed a denial of service in parse_reg_exp() (bsc#1127223). Non-security issues fixed: - Does no longer compress debug sections in crt*.o files (bsc#1123710) - Fixes a concurrency problem in ldconfig (bsc#1117993) - Fixes a race condition in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330)
Affected Systems
- suse•glibc&distro=SUSE Linux Enterprise Module for Basesystem 15
< 2.26-13.24.1
- suse•glibc&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
< 2.26-13.24.1
- suse•glibc&distro=SUSE Linux Enterprise Module for Development Tools 15
< 2.26-13.24.1
- suse•glibc&distro=SUSE Linux Enterprise Module for Development Tools 15 SP1
< 2.26-13.24.1
References (8)
- https://www.suse.com/support/update/announcement/2019/suse-su-20191877-1/
- https://bugzilla.suse.com/1117993
- https://bugzilla.suse.com/1123710
- https://bugzilla.suse.com/1127223
- https://bugzilla.suse.com/1127308
- https://bugzilla.suse.com/1131330
- https://www.suse.com/security/cve/CVE-2009-5155
- https://www.suse.com/security/cve/CVE-2019-9169