Security Bulletin: Security Vulnerabilities in OpenSSL, glibc, gcc, Net-SNMP, and OpenSSH affect IBM Security Proventia Network Enterprise Scanner

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Security Proventia Network Enterprise Scanner. This bulletin addresses the applicable CVEs as well as other CVEs related to glibc, gcc, Net-SNMP, and OpenSSH. CVE-2015-5600,...

Null pointer dereference

The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable...