MGASA-2016-0270
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 31 Jul 2016, 20:39
Last modified:16 Apr 2026, 06:23
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 Jul 2016, 20:39
Published
Vulnerability first disclosed
16 Apr 2026, 06:23
Last Modified
Vulnerability information updated
Description
Updated glibc and libtirpc packages fixes security vulnerability A stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets (CVE-2016-4429). A similar issue was fixed in lnt_dg_call in src/clnt_dg.c in libtirpc package as part of this update. Other fixes in this update: - Fix static dlopen default library search path [Glibc BZ #17250] - grantpt: trust the kernel about pty group and permission mode [Glibc BZ #19347]
Affected Systems
- mageia•glibc
< 2.20-23.mga5
- mageia•libtirpc
< 0.2.5-3.1.mga5