CVE-2016-3075

Related Files

Gentoo Linux Security Advisory 201702-11

Posted Feb 20, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-11 - Multiple vulnerabilities have been found in the GNU C Library, the worst of which allows context-dependent attackers to execute arbitrary code. Versions less than 2.23-r3 are affected.

tags | advisory, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2014-9761, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-1234, CVE-2016-3075

SHA-256 | fa2a94198c76126434e575483adb24e98f6fc6067b9bede81d1fab17552eb3e5

Download | Favorite | View

Red Hat Security Advisory 2016-2573-02

Posted Nov 3, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2573-02 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.

tags | advisory, overflow, code execution

systems | linux, redhat, osx

advisories | CVE-2016-3075

SHA-256 | 73af8c49aae2ea595d4a81807a2cbcdcbd04c82b5c9359f6943ef80ef65cee45

Download | Favorite | View

Ubuntu Security Notice USN-2985-2

Posted May 26, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2985-2 - USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue. Various other issues were also addressed.

tags | advisory, vulnerability

systems | linux, ubuntu

advisories | CVE-2014-8121, CVE-2014-9761, CVE-2015-1781, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-3075

SHA-256 | 2a6f679b626f83a064fc3dc159f612a216d5445b2d132256da0fb78b6542247d

Download | Favorite | View

Ubuntu Security Notice USN-2985-1

Posted May 26, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2985-1 - Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). Various other issues were also addressed.

tags | advisory, denial of service, local

systems | linux, ubuntu

advisories | CVE-2013-2207, CVE-2014-8121, CVE-2014-9761, CVE-2015-1781, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-2856, CVE-2016-3075

SHA-256 | 493c76ea8ce318894b316a5a208fb8df41462f866dbab930ef81d92361f8208c

Download | Favorite | View