vulnerability
Ubuntu: USN-8005-1 (CVE-2025-15281): GNU C Library vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jan 20, 2026 | Feb 4, 2026 | Feb 5, 2026 |
Description
Vitaly Simonovich discovered that the GNU C Library did not properly
initialize the input when WRDE_REUSE is used. An attacker could possibly
use this issue to cause applications to crash, leading to a denial of
service. (CVE-2025-15281)
Anastasia Belova discovered that the GNU C Library incorrectly handled
the regcomp function when memory allocation failures occured. An attacker
could possibly use this issue to cause applications to crash, leading to
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-8058)
Igor Morgenstern discovered that the GNU C Library incorrectly handled
the memalign function when doing memory allocation. An attacker could
possibly use this issue to cause applications to crash, leading to a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu
25.10. (CVE-2026-0861)
Igor Morgenstern discovered that the GNU C Library incorrectly handled
certain DNS backend when queries for a zero-valued network. An attacker
could possibly use this issue to cause a denial of service or obtain
sensitive information. (CVE-2026-0915)
Solutions
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.