CVE-2015-8779: Buffer Overflow

First published: Wed Jan 20 2016(Updated: )

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/glibc	<2.23	2.23
SUSE Linux Enterprise Debuginfo	=11-sp2
SUSE Linux Enterprise Debuginfo	=11-sp3
SUSE Linux Enterprise Debuginfo	=11-sp4
openSUSE openSUSE	=13.2
SUSE Linux Enterprise Desktop	=11-sp3
SUSE Linux Enterprise Desktop	=11-sp4
SUSE Linux Enterprise Desktop	=12
SUSE Linux Enterprise Desktop	=12-sp1
SUSE Linux Enterprise Server	=11-sp2
SUSE Linux Enterprise Server	=11-sp3
Suse Linux Enterprise Server	=11-sp3
SUSE Linux Enterprise Server	=11-sp4
SUSE Linux Enterprise Server	=12-sp1
SUSE Linux Enterprise Software Development Kit	=11-sp3
SUSE Linux Enterprise Software Development Kit	=11-sp4
SUSE Linux Enterprise Software Development Kit	=12
SUSE Linux Enterprise Software Development Kit	=12-sp1
SUSE SUSE Linux Enterprise Server	=12
Canonical Ubuntu Linux	=12.04
Canonical Ubuntu Linux	=14.04
Canonical Ubuntu Linux	=15.10
Debian Debian Linux	=8.0
GNU glibc	<=2.22
Fedoraproject Fedora	=23

Never miss a vulnerability like this again

Reference Links

agent/references
agent/last-modified-date
agent/first-publish-date
agent/type
agent/severity
agent/weakness
agent/author
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2015-8779
agent/software-canonical-lookup
agent/event
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
package-manager/redhat
vendor/suse
canonical/suse linux enterprise debuginfo
version/suse linux enterprise debuginfo/11-sp2
version/suse linux enterprise debuginfo/11-sp3
version/suse linux enterprise debuginfo/11-sp4
vendor/opensuse
canonical/opensuse opensuse
version/opensuse opensuse/13.2
canonical/suse linux enterprise desktop
version/suse linux enterprise desktop/11-sp3
version/suse linux enterprise desktop/11-sp4
version/suse linux enterprise desktop/12
version/suse linux enterprise desktop/12-sp1
canonical/suse linux enterprise server
version/suse linux enterprise server/11-sp2
version/suse linux enterprise server/11-sp3
version/suse linux enterprise server/11-sp4
version/suse linux enterprise server/12-sp1
canonical/suse linux enterprise software development kit
version/suse linux enterprise software development kit/11-sp3
version/suse linux enterprise software development kit/11-sp4
version/suse linux enterprise software development kit/12
version/suse linux enterprise software development kit/12-sp1
canonical/suse suse linux enterprise server
version/suse suse linux enterprise server/12
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/12.04
version/canonical ubuntu linux/14.04
version/canonical ubuntu linux/15.10
vendor/debian
canonical/debian debian linux
version/debian debian linux/8.0
vendor/gnu
canonical/gnu glibc
version/gnu glibc/2.22
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/23

CVE-2015-8779: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact