diff options
author | Florian Weimer <fweimer@redhat.com> | 2018-11-27 16:12:43 +0100 |
---|---|---|
committer | Pranav Kant <prka@google.com> | 2024-01-12 23:20:06 +0000 |
commit | ac5b88042331d3a6ba0e44f8ebcc41a35ec1dab2 (patch) | |
tree | dc37f02acfd00e9271b6c9b0379c490c9301c9af /NEWS | |
parent | 66bec53f073ca8ef6ac138dfe22ae9af7ce1d9db (diff) | |
download | glibc-ac5b88042331d3a6ba0e44f8ebcc41a35ec1dab2.zip glibc-ac5b88042331d3a6ba0e44f8ebcc41a35ec1dab2.tar.gz glibc-ac5b88042331d3a6ba0e44f8ebcc41a35ec1dab2.tar.bz2 |
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -32,6 +32,10 @@ Security related changes: addresses with arbitrary trailing characters, potentially leading to data or command injection issues in applications. + CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a + denial of service due to resource exhaustion when processing getaddrinfo + calls with crafted host names. Reported by Guido Vranken. + CVE-2017-18269: An SSE2-based memmove implementation for the i386 architecture could corrupt memory. Reported by Max Horn. |