USN-2306-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2013-4458 CVE-2014-0475 CVE-2014-4043 UBUNTU-CVE-2013-4458 UBUNTU-CVE-2014-0475 UBUNTU-CVE-2014-4043

Published: 04 Aug 2014, 15:37

Last modified:22 Apr 2026, 08:54

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Aug 2014, 15:37

Published

Vulnerability first disclosed

22 Apr 2026, 08:54

Last Modified

Vulnerability information updated

Description

eglibc vulnerabilities Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. (CVE-2013-4357) It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2013-4458) Stephane Chazelas discovered that the GNU C Library incorrectly handled locale environment variables. An attacker could use this issue to possibly bypass certain restrictions such as the ForceCommand restrictions in OpenSSH. (CVE-2014-0475) David Reid, Glyph Lefkowitz, and Alex Gaynor discovered that the GNU C Library incorrectly handled posix_spawn_file_actions_addopen() path arguments. An attacker could use this issue to cause a denial of service. (CVE-2014-4043)

Affected Systems

ubuntu•eglibc
< 2.19-0ubuntu6.1

USN-2306-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)