AVG-368 log

Package	glibc
Status	Fixed
Severity	Critical
Type	multiple issues
Affected	2.25-7
Fixed	2.26-1
Current	2.40+r16+gaa533d58ff-2 [core]
Ticket	None
Created	Wed Aug 2 15:26:27 2017

Issue	Severity	Remote	Type	Description
CVE-2017-12133	Critical	Yes	Arbitrary code execution	A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system.
CVE-2017-12132	Medium	Yes	Content spoofing	The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from...

Issue

Severity

Remote

Type

Description

CVE-2017-12133

Critical

Yes

Arbitrary code execution

A use-after-free vulnerability has been found the GNU C Library (aka glibc or libc6) before version 2.26, in clntudp_call in the Sun RPC system.

CVE-2017-12132

Medium

Yes

Content spoofing

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from...