AVG-368 log
Package | glibc |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 2.25-7 |
Fixed | 2.26-1 |
Current | 2.40+r16+gaa533d58ff-2 [core] |
Ticket | None |
Created | Wed Aug 2 15:26:27 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-12133 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system. |
CVE-2017-12132 | Medium | Yes | Content spoofing | The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from... |