Denial Of Service (DoS)

2019-01-1509:00:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

glibc is vulnerable to denial of service (DoS) attacks. The vulnerability exists as multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions.

CPENameOperatorVersion
glibceq2.5__18.el5_1.1
glibceq2.5__49.el5_5.6
glibceq2.5__65.el5_7.3
glibceq2.5__49.el5_5.5
glibceq2.5__42.el5_4.2
glibceq2.5__49.el5_5.7
glibceq2.5__58.el5_6.3
glibceq2.5__58.el5_6.4
glibceq2.5__34.el5_3.1
glibceq2.5__107.el5_9.6

Name	Operator	Version
glibc	eq	2.5__18.el5_1.1
glibc	eq	2.5__49.el5_5.6
glibc	eq	2.5__65.el5_7.3
glibc	eq	2.5__49.el5_5.5
glibc	eq	2.5__42.el5_4.2
glibc	eq	2.5__49.el5_5.7
glibc	eq	2.5__58.el5_6.3
glibc	eq	2.5__58.el5_6.4
glibc	eq	2.5__34.el5_3.1
glibc	eq	2.5__107.el5_9.6