The gnu c Library glob Stack Buffer Overflow Vulnerability (CVE-2016-1234)
The gnu c Library glob Stack Buffer Overflow Vulnerability (CVE-2016-1234)
Release date:
Updated on:
Affected Systems:
Gnu c Library (glibc) <2.24
Description:
CVE (CAN) ID: CVE-2016-1234
Glibc is the libc library released by GNU, that is, the c Runtime Library.
In versions earlier than gnu c Library (glibc) 2.24, the glob Implementation has the stack buffer overflow vulnerability when GLOB_ALTDIRFUNC is used. Attackers with independent context can use long names to cause DoS attacks.
<* Source: Florian Weimer
*>
Suggestion:
Vendor patch:
GNU
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://sourceware.org/bugzilla/show_bug.cgi? Id = 19779
Http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html
Https://sourceware.org/git/gitweb.cgi? P = glibc. git; h = 5171f3079f2cc53e0548fc4967361f4d1ce9d7ea
Upgrade Glibc in Linux
Dangerous! GHOST (GHOST) vulnerability exposure
GNU glibc gethostbyname Buffer Overflow Vulnerability
Glibc gethostbyname Buffer Overflow Vulnerability (CVE-2015-0235)
Linux glibc ghost vulnerability test and repair methods