Описание
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
Отчет
This issue does not affect the versions of gcc compiler shipped with Red Hat Enterprise Linux, because The patch for CVE-2016-4429 was not backported for those versions of glibc.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | compat-glibc | Not affected | ||
| Red Hat Enterprise Linux 5 | glibc | Not affected | ||
| Red Hat Enterprise Linux 6 | compat-glibc | Not affected | ||
| Red Hat Enterprise Linux 6 | glibc | Not affected | ||
| Red Hat Enterprise Linux 7 | compat-glibc | Not affected | ||
| Red Hat Enterprise Linux 7 | glibc | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.7 Low
CVSS3
Связанные уязвимости
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
Use-after-free vulnerability in the clntudp_call function in sunrpc/cl ...
EPSS
3.7 Low
CVSS3