vulnerability
Oracle Linux: CVE-2019-19126: ELSA-2020-1828: glibc security, bug fix, and enhancement update (LOW) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Nov 19, 2019 | Oct 7, 2020 | Dec 3, 2025 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Nov 19, 2019
Added
Oct 7, 2020
Modified
Dec 3, 2025
Description
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures. This allows an attacker to force system to utilize only half of the memory (making the system think the software is 32-bit only), thus lowering the amount of memory being used with address space layout randomization (ASLR). The highest threat is confidentiality although the complexity of attack is high. The affected application must already have other vulnerabilities for this flaw to be usable.
A vulnerability was discovered in glibc where the LD_PREFER_MAP_32BIT_EXEC environment variable is not ignored when running binaries with the setuid flag on x86_64 architectures. This allows an attacker to force system to utilize only half of the memory (making the system think the software is 32-bit only), thus lowering the amount of memory being used with address space layout randomization (ASLR). The highest threat is confidentiality although the complexity of attack is high. The affected application must already have other vulnerabilities for this flaw to be usable.
Solutions
oracle-linux-upgrade-compat-libpthread-nonsharedoracle-linux-upgrade-glibcoracle-linux-upgrade-glibc-all-langpacksoracle-linux-upgrade-glibc-benchtestsoracle-linux-upgrade-glibc-commonoracle-linux-upgrade-glibc-develoracle-linux-upgrade-glibc-headersoracle-linux-upgrade-glibc-langpack-aaoracle-linux-upgrade-glibc-langpack-aforacle-linux-upgrade-glibc-langpack-agroracle-linux-upgrade-glibc-langpack-akoracle-linux-upgrade-glibc-langpack-amoracle-linux-upgrade-glibc-langpack-anoracle-linux-upgrade-glibc-langpack-anporacle-linux-upgrade-glibc-langpack-aroracle-linux-upgrade-glibc-langpack-asoracle-linux-upgrade-glibc-langpack-astoracle-linux-upgrade-glibc-langpack-aycoracle-linux-upgrade-glibc-langpack-azoracle-linux-upgrade-glibc-langpack-beoracle-linux-upgrade-glibc-langpack-bemoracle-linux-upgrade-glibc-langpack-beroracle-linux-upgrade-glibc-langpack-bgoracle-linux-upgrade-glibc-langpack-bhboracle-linux-upgrade-glibc-langpack-bhooracle-linux-upgrade-glibc-langpack-bioracle-linux-upgrade-glibc-langpack-bnoracle-linux-upgrade-glibc-langpack-booracle-linux-upgrade-glibc-langpack-broracle-linux-upgrade-glibc-langpack-brxoracle-linux-upgrade-glibc-langpack-bsoracle-linux-upgrade-glibc-langpack-bynoracle-linux-upgrade-glibc-langpack-caoracle-linux-upgrade-glibc-langpack-ceoracle-linux-upgrade-glibc-langpack-chroracle-linux-upgrade-glibc-langpack-cmnoracle-linux-upgrade-glibc-langpack-crhoracle-linux-upgrade-glibc-langpack-csoracle-linux-upgrade-glibc-langpack-csboracle-linux-upgrade-glibc-langpack-cvoracle-linux-upgrade-glibc-langpack-cyoracle-linux-upgrade-glibc-langpack-daoracle-linux-upgrade-glibc-langpack-deoracle-linux-upgrade-glibc-langpack-doioracle-linux-upgrade-glibc-langpack-dsboracle-linux-upgrade-glibc-langpack-dvoracle-linux-upgrade-glibc-langpack-dzoracle-linux-upgrade-glibc-langpack-eloracle-linux-upgrade-glibc-langpack-enoracle-linux-upgrade-glibc-langpack-eooracle-linux-upgrade-glibc-langpack-esoracle-linux-upgrade-glibc-langpack-etoracle-linux-upgrade-glibc-langpack-euoracle-linux-upgrade-glibc-langpack-faoracle-linux-upgrade-glibc-langpack-fforacle-linux-upgrade-glibc-langpack-fioracle-linux-upgrade-glibc-langpack-filoracle-linux-upgrade-glibc-langpack-fooracle-linux-upgrade-glibc-langpack-froracle-linux-upgrade-glibc-langpack-furoracle-linux-upgrade-glibc-langpack-fyoracle-linux-upgrade-glibc-langpack-gaoracle-linux-upgrade-glibc-langpack-gdoracle-linux-upgrade-glibc-langpack-gezoracle-linux-upgrade-glibc-langpack-gloracle-linux-upgrade-glibc-langpack-guoracle-linux-upgrade-glibc-langpack-gvoracle-linux-upgrade-glibc-langpack-haoracle-linux-upgrade-glibc-langpack-hakoracle-linux-upgrade-glibc-langpack-heoracle-linux-upgrade-glibc-langpack-hioracle-linux-upgrade-glibc-langpack-hiforacle-linux-upgrade-glibc-langpack-hneoracle-linux-upgrade-glibc-langpack-hroracle-linux-upgrade-glibc-langpack-hsboracle-linux-upgrade-glibc-langpack-htoracle-linux-upgrade-glibc-langpack-huoracle-linux-upgrade-glibc-langpack-hyoracle-linux-upgrade-glibc-langpack-iaoracle-linux-upgrade-glibc-langpack-idoracle-linux-upgrade-glibc-langpack-igoracle-linux-upgrade-glibc-langpack-ikoracle-linux-upgrade-glibc-langpack-isoracle-linux-upgrade-glibc-langpack-itoracle-linux-upgrade-glibc-langpack-iuoracle-linux-upgrade-glibc-langpack-jaoracle-linux-upgrade-glibc-langpack-kaoracle-linux-upgrade-glibc-langpack-kaboracle-linux-upgrade-glibc-langpack-kkoracle-linux-upgrade-glibc-langpack-kloracle-linux-upgrade-glibc-langpack-kmoracle-linux-upgrade-glibc-langpack-knoracle-linux-upgrade-glibc-langpack-kooracle-linux-upgrade-glibc-langpack-kokoracle-linux-upgrade-glibc-langpack-ksoracle-linux-upgrade-glibc-langpack-kuoracle-linux-upgrade-glibc-langpack-kworacle-linux-upgrade-glibc-langpack-kyoracle-linux-upgrade-glibc-langpack-lboracle-linux-upgrade-glibc-langpack-lgoracle-linux-upgrade-glibc-langpack-lioracle-linux-upgrade-glibc-langpack-lijoracle-linux-upgrade-glibc-langpack-lnoracle-linux-upgrade-glibc-langpack-looracle-linux-upgrade-glibc-langpack-ltoracle-linux-upgrade-glibc-langpack-lvoracle-linux-upgrade-glibc-langpack-lzhoracle-linux-upgrade-glibc-langpack-magoracle-linux-upgrade-glibc-langpack-maioracle-linux-upgrade-glibc-langpack-mfeoracle-linux-upgrade-glibc-langpack-mgoracle-linux-upgrade-glibc-langpack-mhroracle-linux-upgrade-glibc-langpack-mioracle-linux-upgrade-glibc-langpack-miqoracle-linux-upgrade-glibc-langpack-mjworacle-linux-upgrade-glibc-langpack-mkoracle-linux-upgrade-glibc-langpack-mloracle-linux-upgrade-glibc-langpack-mnoracle-linux-upgrade-glibc-langpack-mnioracle-linux-upgrade-glibc-langpack-mroracle-linux-upgrade-glibc-langpack-msoracle-linux-upgrade-glibc-langpack-mtoracle-linux-upgrade-glibc-langpack-myoracle-linux-upgrade-glibc-langpack-nanoracle-linux-upgrade-glibc-langpack-nboracle-linux-upgrade-glibc-langpack-ndsoracle-linux-upgrade-glibc-langpack-neoracle-linux-upgrade-glibc-langpack-nhnoracle-linux-upgrade-glibc-langpack-niuoracle-linux-upgrade-glibc-langpack-nloracle-linux-upgrade-glibc-langpack-nnoracle-linux-upgrade-glibc-langpack-nroracle-linux-upgrade-glibc-langpack-nsooracle-linux-upgrade-glibc-langpack-ocoracle-linux-upgrade-glibc-langpack-omoracle-linux-upgrade-glibc-langpack-ororacle-linux-upgrade-glibc-langpack-osoracle-linux-upgrade-glibc-langpack-paoracle-linux-upgrade-glibc-langpack-paporacle-linux-upgrade-glibc-langpack-ploracle-linux-upgrade-glibc-langpack-psoracle-linux-upgrade-glibc-langpack-ptoracle-linux-upgrade-glibc-langpack-quzoracle-linux-upgrade-glibc-langpack-rajoracle-linux-upgrade-glibc-langpack-rooracle-linux-upgrade-glibc-langpack-ruoracle-linux-upgrade-glibc-langpack-rworacle-linux-upgrade-glibc-langpack-saoracle-linux-upgrade-glibc-langpack-sahoracle-linux-upgrade-glibc-langpack-satoracle-linux-upgrade-glibc-langpack-scoracle-linux-upgrade-glibc-langpack-sdoracle-linux-upgrade-glibc-langpack-seoracle-linux-upgrade-glibc-langpack-sgsoracle-linux-upgrade-glibc-langpack-shnoracle-linux-upgrade-glibc-langpack-shsoracle-linux-upgrade-glibc-langpack-sioracle-linux-upgrade-glibc-langpack-sidoracle-linux-upgrade-glibc-langpack-skoracle-linux-upgrade-glibc-langpack-sloracle-linux-upgrade-glibc-langpack-smoracle-linux-upgrade-glibc-langpack-sooracle-linux-upgrade-glibc-langpack-sqoracle-linux-upgrade-glibc-langpack-sroracle-linux-upgrade-glibc-langpack-ssoracle-linux-upgrade-glibc-langpack-storacle-linux-upgrade-glibc-langpack-svoracle-linux-upgrade-glibc-langpack-sworacle-linux-upgrade-glibc-langpack-szloracle-linux-upgrade-glibc-langpack-taoracle-linux-upgrade-glibc-langpack-tcyoracle-linux-upgrade-glibc-langpack-teoracle-linux-upgrade-glibc-langpack-tgoracle-linux-upgrade-glibc-langpack-thoracle-linux-upgrade-glibc-langpack-theoracle-linux-upgrade-glibc-langpack-tioracle-linux-upgrade-glibc-langpack-tigoracle-linux-upgrade-glibc-langpack-tkoracle-linux-upgrade-glibc-langpack-tloracle-linux-upgrade-glibc-langpack-tnoracle-linux-upgrade-glibc-langpack-tooracle-linux-upgrade-glibc-langpack-tpioracle-linux-upgrade-glibc-langpack-troracle-linux-upgrade-glibc-langpack-tsoracle-linux-upgrade-glibc-langpack-ttoracle-linux-upgrade-glibc-langpack-ugoracle-linux-upgrade-glibc-langpack-ukoracle-linux-upgrade-glibc-langpack-unmoracle-linux-upgrade-glibc-langpack-uroracle-linux-upgrade-glibc-langpack-uzoracle-linux-upgrade-glibc-langpack-veoracle-linux-upgrade-glibc-langpack-vioracle-linux-upgrade-glibc-langpack-waoracle-linux-upgrade-glibc-langpack-waeoracle-linux-upgrade-glibc-langpack-waloracle-linux-upgrade-glibc-langpack-wooracle-linux-upgrade-glibc-langpack-xhoracle-linux-upgrade-glibc-langpack-yioracle-linux-upgrade-glibc-langpack-yooracle-linux-upgrade-glibc-langpack-yueoracle-linux-upgrade-glibc-langpack-yuworacle-linux-upgrade-glibc-langpack-zhoracle-linux-upgrade-glibc-langpack-zuoracle-linux-upgrade-glibc-locale-sourceoracle-linux-upgrade-glibc-minimal-langpackoracle-linux-upgrade-glibc-nss-develoracle-linux-upgrade-glibc-staticoracle-linux-upgrade-glibc-utilsoracle-linux-upgrade-libnsloracle-linux-upgrade-nscdoracle-linux-upgrade-nss-dboracle-linux-upgrade-nss-hesiod
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.