Wind River Support Network

HomeDefectsLIN6-9633
Fixed

LIN6-9633 : Security Advisory - glibc - CVE-2014-8121

Created: Mar 30, 2015    Updated: Dec 3, 2018
Resolved Date: Aug 26, 2015
Found In Version: 6.0.0.20
Fix Version: 6.0.0.24
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Toolchain

Description

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over the database, which triggers the file pointer to be reset.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8121

Other Downloads


Live chat
Online