MGASA-2017-0091

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-5180 CVE-2016-5417

Published: 27 Mar 2017, 13:55

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

27 Mar 2017, 13:55

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated glibc packages fix security vulnerability Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service (CVE-2015-5180). Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service (CVE-2016-5417).

Affected Systems

mageia•glibc
< 2.20-24.mga5

References (2)

https://advisories.mageia.org/MGASA-2017-0091.html
https://bugs.mageia.org/show_bug.cgi?id=20552