The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references
References
Configurations
History
07 Nov 2023, 02:50
Type | Values Removed | Values Added |
---|---|---|
Summary | The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references |
Information
Published : 2017-05-07 18:29
Updated : 2024-08-05 17:15
NVD link : CVE-2017-8804
Mitre link : CVE-2017-8804
CVE.ORG link : CVE-2017-8804
JSON object : View
Products Affected
gnu
- glibc
CWE
CWE-502
Deserialization of Untrusted Data