CVE-2016-3706
N/A
N/A
Summary
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9
- http://www.securityfocus.com/bid/88440
- http://www-01.ibm.com/support/docview.wss?uid=swg21995039
- https://sourceware.org/bugzilla/show_bug.cgi?id=20010
- https://source.android.com/security/bulletin/2017-12-01
- http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html
- http://www.securityfocus.com/bid/102073
References
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9
- http://www.securityfocus.com/bid/88440
- http://www-01.ibm.com/support/docview.wss?uid=swg21995039
- https://sourceware.org/bugzilla/show_bug.cgi?id=20010
- https://source.android.com/security/bulletin/2017-12-01
- http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html
- http://www.securityfocus.com/bid/102073
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.