AVG-460

Package glibc, lib32-glibc
Status Fixed
Severity High
Type multiple issues
Affected 2.26-8
Fixed 2.26-9
Current 2.26-11 [core]
Ticket None
Created Sat Oct 21 21:39:30 2017
Issue Severity Remote Type Description
CVE-2017-15671 Medium Yes Denial of service
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when...
CVE-2017-15670 High Yes Arbitrary code execution
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by- one error leading to a heap-based buffer overflow in the glob function in glob.c,...
Date Advisory Package Description
10 Jan 2018 ASA-201801-9 glibc multiple issues
10 Jan 2018 ASA-201801-8 lib32-glibc multiple issues
References
http://seclists.org/oss-sec/2017/q4/119