CVE-2015-1781

Currently unrated

Key Information:

Vendor
Suse
Status
Linux Enterprise Server
Linux Enterprise Desktop
Linux Enterprise Debuginfo
Vendor
CVE Published:
28 September 2015

Summary

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE
https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609...
mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.