Vitaly Simonovich discovered that the GNU C Library did not properly initialize the input when WRDE_REUSE is used. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service. (CVE-2025-15281)
Anastasia Belova discovered that the GNU C Library incorrectly handled the regcomp function when memory allocation failures occured. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2025-8058)
Igor Morgenstern discovered that the GNU C Library incorrectly handled the memalign function when doing memory allocation. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-0861)
Igor Morgenstern discovered that the GNU C Library incorrectly handled certain DNS backend when queries for a zero-valued network. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. (CVE-2026-0915)
2.35-0ubuntu3.132.39-0ubuntu8.72.42-0ubuntu3.12.23-0ubuntu11.3+esm92.27-3ubuntu1.6+esm62.31-0ubuntu9.18+esm1