| Revision Date: | 2017-12-05 | Version: | 1 | | Title: | CVE-2017-17426 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2017-17426
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT glibc-source package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc-bin package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-amd64 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-armel package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-i386 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-pic package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-ppc64 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-s390 package in xenial, while related to the CVE in some way, is not affected.
OR NOT libc6-x32 package in xenial, while related to the CVE in some way, is not affected.
OR NOT locales package in xenial, while related to the CVE in some way, is not affected.
OR NOT locales-all package in xenial, while related to the CVE in some way, is not affected.
OR NOT multiarch-support package in xenial, while related to the CVE in some way, is not affected.
OR NOT nscd package in xenial, while related to the CVE in some way, is not affected.
|
|