SciLinux: CVE-2015-0235 Critical: glibc SL6.x, SL7.x i386/x86_64

Date:         Tue, 27 Jan 2015 21:16:06 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Critical: glibc on SL6.x, SL7.x i386/x86_64
MIME-Version: 1.0

Synopsis:          Critical: glibc security update
Advisory ID:       SLSA-2015:0092-1
Issue Date:        2015-01-27
CVE Numbers:       CVE-2015-0235
--

A heap-based buffer overflow was found in glibc's
__nss_hostname_digits_dots() function, which is used by the
gethostbyname() and gethostbyname2() glibc function calls. A remote
attacker able to make an application call either of these functions could
use this flaw to execute arbitrary code with the permissions of the user
running the application. (CVE-2015-0235)
--

SL6
  x86_64
    glibc-2.12-1.149.el6_6.5.i686.rpm
    glibc-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-common-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm
    glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm
    glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-devel-2.12-1.149.el6_6.5.i686.rpm
    glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm
    nscd-2.12-1.149.el6_6.5.x86_64.rpm
    glibc-static-2.12-1.149.el6_6.5.i686.rpm
    glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
  i386
    glibc-2.12-1.149.el6_6.5.i686.rpm
    glibc-common-2.12-1.149.el6_6.5.i686.rpm
    glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm
    glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm
    glibc-devel-2.12-1.149.el6_6.5.i686.rpm
    glibc-headers-2.12-1.149.el6_6.5.i686.rpm
    glibc-utils-2.12-1.149.el6_6.5.i686.rpm
    nscd-2.12-1.149.el6_6.5.i686.rpm
    glibc-static-2.12-1.149.el6_6.5.i686.rpm
SL7
  x86_64
    glibc-2.17-55.el7_0.5.i686.rpm
    glibc-2.17-55.el7_0.5.x86_64.rpm
    glibc-common-2.17-55.el7_0.5.x86_64.rpm
    glibc-debuginfo-2.17-55.el7_0.5.i686.rpm
    glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm
    glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm
    glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm
    glibc-devel-2.17-55.el7_0.5.i686.rpm
    glibc-devel-2.17-55.el7_0.5.x86_64.rpm
    glibc-headers-2.17-55.el7_0.5.x86_64.rpm
    glibc-utils-2.17-55.el7_0.5.x86_64.rpm
    nscd-2.17-55.el7_0.5.x86_64.rpm
    glibc-static-2.17-55.el7_0.5.i686.rpm
    glibc-static-2.17-55.el7_0.5.x86_64.rpm

- Scientific Linux Development Team

What Are You Looking For?

SciLinux: CVE-2015-0235 Critical: glibc SL6.x, SL7.x i386/x86_64

Summary

Security Fixes

Kubernetes Security on AWS: A Practical Guide

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

What Are You Looking For?

SciLinux: CVE-2015-0235 Critical: glibc SL6.x, SL7.x i386/x86_64

Summary

Security Fixes

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By