CVE-2014-8121

EPSS 2.5%

eglibc - security update

發布日:2015/3/27修改日:2026/4/28

描述

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

受影響套件(3)

Debian/eglibcfrom 0, < 2.11.3-4+deb6u7
Debian/eglibcfrom 0, < 2.13-38+deb7u10
Debian/glibcfrom 0, < 2.21-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-8121