Wind River Support Network

HomeDefectsLIN8-8052

Fixed

LIN8-8052 : Security Advisory - glibc - CVE-2017-15670

Created: Oct 23, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 21, 2017

Previous ID: LIN9-5625

Found In Version: 8.0.0.21

Fix Version: 8.0.0.25

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Toolchain

Description

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

https://nvd.nist.gov/vuln/detail/CVE-2017-15670

Other Downloads

Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-15670