Wind River Support Network

HomeDefectsLIN5-20142
Fixed

LIN5-20142 : Security Advisory - glibc - CVE-2013-7423

Created: Feb 25, 2015    Updated: Dec 19, 2017
Resolved Date: May 8, 2015
Found In Version: 5.0.1.24
Fix Version: 5.0.1.26
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Toolchain

Description

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of request that trigger a call to the getaddrinfo function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7423

Other Downloads


Live chat
Online