GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.
Use of Insufficiently Random Values
Exposure of Sensitive Information to an Unauthorized Actor
-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/glibc | deb | debian | 12 | >=2.36-9+deb12u4 | Not yet available |
| debian/glibc | deb | debian | 11 | >=2.31-13+deb11u8 | Not yet available |
| debian/glibc | deb | debian | 10 | >=2.28-10+deb10u1 | Not yet available |
| debian/glibc | deb | debian | 13 | >=2.38-11 | Not yet available |
| debian/glibc | deb | debian | unstable | >=2.38-11 | Not yet available |
Severity and metrics
No CVSS data available from this source.
3.9
3.9
1.4
CVE-2019-1010025
-
CVE-2019-1010025
-
-
-