DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and previous versions does not properly check if a file is open, which allows remote malicious users to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse suse linux enterprise server 11.0 |
||
suse suse linux enterprise desktop 11 |
||
gnu glibc |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 14.04 |