ClickCease Addressing glibc Vulnerabilities in EOL Ubuntu

Content Table

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Addressing glibc Vulnerabilities in EOL Ubuntu

Rohan Timalsina

May 16, 2024 - TuxCare expert team

Recently, the Ubuntu security team has fixed multiple security issues discovered in the GNU C library, commonly known as glibc. If left unaddressed, this can leave your system exposed to attackers who exploit these glibc vulnerabilities. The glibc library provides the foundation for many programs on your system. Therefore, it is crucial to patch these vulnerabilities to maintain the integrity and security of Ubuntu systems.


Affected Ubuntu Versions and glibc Vulnerabilities


CVE-2014-9984 (CVSS v3 Score: 9.8 High)

This vulnerability revolves around the incorrect handling of netgroup requests within the GNU C Library. While affecting only Ubuntu 14.04 LTS, it could potentially lead to crashes or the execution of arbitrary code.


CVE-2015-20109 (CVSS v3 Score: 5.5 Medium)

Here, the glibc vulnerability could allow context-dependent attackers to trigger a denial-of-service situation. Again, limited to Ubuntu 14.04 LTS, this flaw underscores the importance of promptly applying updates.


CVE-2018-11236 (CVSS v3 Score: 9.8 High)

This vulnerability highlights the risk posed by processing very long pathname arguments to the realpath function, particularly on 32-bit architectures. The integer overflow could result in a stack-based buffer overflow and, potentially, arbitrary code execution.


CVE-2021-3999 (CVSS v3 Score: 7.8 High)

In this scenario, the getcwd function of the GNU C library mishandles buffers, presenting an opportunity for attackers to cause the library to crash.



Discovered by Charles Fol, this glibc vulnerability is due to the incorrect handling of certain input sequences in the iconv feature of the GNU C Library. This could also lead to a denial of service or the execution of arbitrary code.


Mitigation Measures


These glibc vulnerabilities have been identified across multiple Ubuntu releases, including Ubuntu 18.04, Ubuntu 16.04, and Ubuntu 14.04. However, these Ubuntu releases have reached their end-of-life (EOL), which means they no longer receive free security updates. Security updates are only available through Extended Security Maintenance via Ubuntu Pro.

For users concerned about the cost of a Ubuntu Pro subscription, there’s a more affordable alternative in the form of “TuxCare’s Extended Lifecycle Support.” TuxCare offers an additional five years of vendor-grade security patches for Ubuntu 16.04 and Ubuntu 18.04 after the EOL date. It covers 140+ packages, including glibc, the Ubuntu kernel, Python, OpenSSL, and many others.

Send questions to a TuxCare security expert to get advice on how to secure your end-of-life Ubuntu systems.


Source: USN-6762-1

Addressing glibc Vulnerabilities in EOL Ubuntu
Article Name
Addressing glibc Vulnerabilities in EOL Ubuntu
Learn about glibc vulnerabilities in end-of-life Ubuntu versions and how to fix them with Extended Lifecycle Support for Ubuntu.
Publisher Name
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started




Linux & Open Source

Subscribe to
our newsletter