glibc-langpack-kl (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package glibc-langpack-kl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (15)
CVE-2026-0861 — CVSS 8.4 (high): Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version…
CVE-2024-33599 — CVSS 8.1 (high): nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client…
CVE-2025-4802 — CVSS 7.8 (high): Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading…
CVE-2026-0915 — CVSS 7.5 (high): Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries…
CVE-2025-15281 — CVSS 7.5 (high): Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to…
CVE-2024-33602 — CVSS 7.4 (high): nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory…
CVE-2024-33601 — CVSS 7.3 (high): nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc…
CVE-2024-2961 — CVSS 7.3 (high): The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when…
CVE-2023-4527 — CVSS 6.5 (medium): A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with…
CVE-2025-0395 — CVSS 6.2 (medium): When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure…
CVE-2024-33600 — CVSS 5.9 (medium): nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup…
CVE-2023-4813 — CVSS 5.9 (medium): A flaw has been identified in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an…
CVE-2023-4806 — CVSS 5.9 (medium): A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed…
CVE-2025-5702 — CVSS 5.6 (medium): The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector registers v20 to…