Integer overflow in the GNU C Library (aka glibc or libc6) prior to 2.23 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedoraproject fedora 23 |
||
debian debian linux 8.0 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |
||
gnu glibc |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
suse linux enterprise software development kit 12 |
||
suse suse linux enterprise server 12 |
||
suse linux enterprise desktop 12 |
||
suse linux enterprise debuginfo 11 |
||
opensuse opensuse 13.2 |
||
suse linux enterprise server 12 |
||
suse linux enterprise software development kit 11 |