Wind River Support Network

HomeDefectsLIN8-8053

Fixed

LIN8-8053 : Security Advisory - glibc - CVE-2017-15671

Created: Oct 23, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 21, 2017

Previous ID: LIN9-5633

Found In Version: 8.0.0.21

Fix Version: 8.0.0.25

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Toolchain

Description

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak).

https://nvd.nist.gov/vuln/detail/CVE-2017-15671

Other Downloads

Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-15671