Detections
Analytics

Debian dla-4621 : glibc-doc - security update

medium Nessus Plugin ID 319637

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4621 advisory.

 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4621-1 [email protected] https://www.debian.org/lts/security/ Arnaud Rebillout June 08, 2026 https://wiki.debian.org/LTS
 - -------------------------------------------------------------------------

 Package : glibc Version : 2.31-13+deb11u14 CVE ID : CVE-2025-8058 CVE-2025-15281 CVE-2026-0861 CVE-2026-0915 CVE-2026-4046 Debian Bug : 1109803 1125678 1125748 1126266 1132499

 Several vulnerabilities have been discovered in the GNU C Library, the C standard library implementation used by Debian.

 CVE-2025-8058

 posix: Fix double-free after allocation failure in regcomp

 The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library.

 CVE-2025-15281

 posix: Reset wordexp_t fields with WRDE_REUSE

 Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the we_wordv member, which on subsequent calls to wordfree may abort the process.

 CVE-2026-0861

 memalign: reinstate alignment overflow check

 Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size as well as the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for the alignment for memalign to the range [1<<62+ 1, 1<<63] and exactly 1<<63 for posix_memalign and aligned_alloc. Typically the alignment argument passed to such functions is a known constrained quantity (e.g. page size, block size, struct sizes) and is not attacker controlled, because of which this may not be easily exploitable in practice. An application bug could potentially result in the input alignment being too large, e.g. due to a different buffer overflow or integer overflow in the application or its dependent libraries, but that is again an uncommon usage pattern given typical sources of alignments.

 CVE-2026-0915

 resolv: Fix NSS DNS backend for getnetbyaddr

 Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

 CVE-2026-4046

 iconvdata: Use pending character state in IBM1390, IBM1399 character sets

 The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.

 For Debian 11 bullseye, these problems have been fixed in version 2.31-13+deb11u14.

 We recommend that you upgrade your glibc packages.

 For the detailed security status of glibc please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/glibc

 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the glibc-doc packages.

See Also

https://security-tracker.debian.org/tracker/source-package/glibc

https://security-tracker.debian.org/tracker/CVE-2025-15281

https://security-tracker.debian.org/tracker/CVE-2025-8058

https://security-tracker.debian.org/tracker/CVE-2026-0861

https://security-tracker.debian.org/tracker/CVE-2026-0915

https://security-tracker.debian.org/tracker/CVE-2026-4046

https://packages.debian.org/source/bullseye/glibc

Plugin Details

Severity: Medium

ID: 319637

File Name: debian_DLA-4621.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 6/8/2026

Updated: 6/8/2026

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2026-0915

CVSS v3

Risk Factor: High

Base Score: 8.4

Temporal Score: 7.6

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2026-0861

CVSS v4

Risk Factor: Medium

Base Score: 5.9

Threat Score: 4.3

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H

CVSS Score Source: CVE-2025-8058

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libc6-amd64, p-cpe:/a:debian:debian_linux:libc-bin, p-cpe:/a:debian:debian_linux:libc6-dev, cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:libc-l10n, p-cpe:/a:debian:debian_linux:libc6-i386, p-cpe:/a:debian:debian_linux:locales-all, p-cpe:/a:debian:debian_linux:glibc-doc, p-cpe:/a:debian:debian_linux:libc6-dev-amd64, p-cpe:/a:debian:debian_linux:libc6-xen, p-cpe:/a:debian:debian_linux:libc6-x32, p-cpe:/a:debian:debian_linux:nscd, p-cpe:/a:debian:debian_linux:libc6-udeb, p-cpe:/a:debian:debian_linux:libc-devtools, p-cpe:/a:debian:debian_linux:libc6-dev-i386, p-cpe:/a:debian:debian_linux:glibc-source, p-cpe:/a:debian:debian_linux:locales, p-cpe:/a:debian:debian_linux:libc6-dev-x32, p-cpe:/a:debian:debian_linux:libc6, p-cpe:/a:debian:debian_linux:libc-dev-bin, p-cpe:/a:debian:debian_linux:libc6-dbg

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/8/2026

Vulnerability Publication Date: 3/11/2025

Reference Information

CVE: CVE-2025-15281, CVE-2025-8058, CVE-2026-0861, CVE-2026-0915, CVE-2026-4046

IAVA: 2025-A-0549-S, 2026-A-0102