19 matches found
SUSE CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...
Security Bulletin: Vulnerability in glibc affects Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows (CVE-2016-5417)
Summary IntelR Manycore Platform Software Stack IntelR MPSS for Linux and Windows have addressed the following vulnerability in glibc. Vulnerability Details Summary Intel® Manycore Platform Software Stack Intel® MPSS for Linux and Windows have addressed the following vulnerability in glibc...
USN-3239-2: GNU C Library Regression | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. Original advisory details: It was discovered...
MGASA-2017-0091 Updated glibc packages fix security vulnerability
Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service CVE-2015-5180. Tim Ruehsen discovered that the getaddrinfo implementation in the GNU C Library did not properly track memory allocations. An...
Updated glibc packages fix security vulnerability
Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service CVE-2015-5180. Tim Ruehsen discovered that the getaddrinfo implementation in the GNU C Library did not properly track memory allocations. An...
USN-3239-3: GNU C Library regression
USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. Original advisory details: It...
Ubuntu 12.04 LTS : eglibc regression (USN-3239-3)
USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. It was discovered that the GN...
Ubuntu 14.04 LTS / 16.04 LTS : GNU C Library Regression (USN-3239-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3239-2 advisory. USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver...
Ubuntu: Security Advisory (USN-3239-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3239-2: GNU C Library Regression
USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensa...
Ubuntu 14.04 LTS / 16.04 LTS : GNU C Library vulnerabilities (USN-3239-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3239-1 advisory. It was discovered that the GNU C Library incorrectly handled the strxfrm function. An attacker could use this issue to cause a denial of...
CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...
CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...
CVE-2016-5417
CVE-2016-5417 affects GNU C Library (glibc/libc6): memory leak in the __res_vinit function of the IPv6 DNS resolver management code (libresolv) prior to version 2.24 can be exploited remotely to cause denial of service via memory exhaustion. Publicly available connected advisories confirm the iss...
CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...
CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...
glibc: denial of service
CVE-2016-3075 denial of service The getnetbyname implementation in nssdns contains a potentially unbounded alloca call in the form of a call to strdupa, leading to a stack overflow stack exhaustion and a crash if getnetbyname is invoked on a very long name. - CVE-2016-5417 denial of service The...
lib32-glibc: denial of service
CVE-2016-3075 denial of service The getnetbyname implementation in nssdns contains a potentially unbounded alloca call in the form of a call to strdupa, leading to a stack overflow stack exhaustion and a crash if getnetbyname is invoked on a very long name. - CVE-2016-5417 denial of service The...
CVE-2016-5417
Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver data structures...