CVE-2014-8121

2015-03-27T14:59:00
ID CVE-2014-8121
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T19:01:00

Description

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.