MGASA-2018-0096

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2017-16997 CVE-2018-1000001

Published: 25 Jan 2018, 12:47

Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

25 Jan 2018, 12:47

Published

Vulnerability first disclosed

16 Apr 2026, 06:23

Last Modified

Vulnerability information updated

Description

Updated glibc packages fix security vulnerabilities Updated glibc packages fix security vulnerabilities: An issue in the code handling RPATHs was fixed that could have been exploited by an attacker to execute code loaded from arbitrary libraries (CVE-2017-16997). A privilege escalation bug in the realpath() function when the getcwd() system call doesn't return a valid absolute pathname (CVE-2018-1000001). Also, support for the C.UTF-8 locale has been added in the locales package.

Affected Systems

mageia•glibc
< 2.22-27.mga6
mageia•locales
< 2.22-7.mga6

MGASA-2018-0096

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)