HCE1-SA-2024-0012 Critical HCE 1.1 Security Fix(es): In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. (CVE-2019-9169) The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. (CVE-2021-35942) A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32. (CVE-2020-1752) HCE 1.1 glibc-2.17-328.hce1c.x86_64.rpm glibc-common-2.17-328.hce1c.x86_64.rpm glibc-devel-2.17-328.hce1c.x86_64.rpm glibc-headers-2.17-328.hce1c.x86_64.rpm glibc-utils-2.17-328.hce1c.x86_64.rpm nscd-2.17-328.hce1c.x86_64.rpm