3 matches found
SUSE CVE-2017-7476
Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the saveabbr function in timerz.c...
Fedora 26 : coreutils (2017-b17d54561b)
tail: revert to polling if a followed directory is replaced 1283760 ---- - date, touch: fix out-of-bounds write via large TZ variable CVE-2017-7476 ---- - do not obsolete coreutils-single, so it can be installed by DNF2 1444802 Note that Tenable Network Security has extracted the preceding...
CVE-2017-7476
Gnulib before 2017-04-26 contains a heap-based buffer overflow in the save_abbr function in time_rz.c triggered by the TZ environment variable. This vulnerability can lead to arbitrary code execution or crash conditions, as described in multiple sources (e.g., CNVD-2017-06995; NVD CVE-2017-7476)....