Home

CVE-2017-15670

Description

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.237

Associated Vulnerability

VulnerabilityOS Platform
GNU C Library (USN-3534-1) libc6_2.23-0ubuntu10_i386.debLinux
GNU C Library (USN-3534-1) libc6_2.23-0ubuntu10_amd64.debLinux
GNU C Library (USN-3534-1) libc6_2.26-0ubuntu2.1_i386.debLinux
GNU C Library (USN-3534-1) libc6_2.26-0ubuntu2.1_amd64.debLinux
Glibc security update (CESA-2017:1480) nscd-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) nscd-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-devel-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-devel-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-utils-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-utils-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-common-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-common-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-static-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-static-2.12-1.212.el6.x86_64.rpmLinux
Glibc security update (CESA-2017:1480) glibc-headers-2.12-1.212.el6.i686.rpmLinux
Glibc security update (CESA-2017:1480) glibc-headers-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-2.17-222.el7.i686.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-common-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-devel-2.17-222.el7.i686.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-devel-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-headers-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-static-2.17-222.el7.i686.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-static-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update glibc-utils-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update nscd-2.17-222.el7.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-common-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-common-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-devel-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-devel-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-headers-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-headers-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-static-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-static-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-utils-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update glibc-utils-2.12-1.212.el6.x86_64.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update nscd-2.12-1.212.el6.i686.rpmLinux
(RHSA-2018:1879) Moderate: glibc security and bug fix update nscd-2.12-1.212.el6.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-32bit-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-devel-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-devel-32bit-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-html-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-i18ndata-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-info-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-locale-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-locale-32bit-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-profile-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) glibc-profile-32bit-2.11.3-17.110.19.2.x86_64.rpmLinux
SUSE-SU-2018:2883-1(SUSE Linux Enterprise Server 11-SP4 ) nscd-2.11.3-17.110.19.2.x86_64.rpmLinux
Glibc update (ELSA-2018-0805) glibc-2.17-222.el7.x86_64.rpmLinux
Glibc-common update (ELSA-2018-0805) glibc-common-2.17-222.el7.x86_64.rpmLinux
Glibc-devel update (ELSA-2018-0805) glibc-devel-2.17-222.el7.x86_64.rpmLinux
Glibc-headers update (ELSA-2018-0805) glibc-headers-2.17-222.el7.x86_64.rpmLinux
Glibc-static update (ELSA-2018-0805) glibc-static-2.17-222.el7.x86_64.rpmLinux
Glibc-utils update (ELSA-2018-0805) glibc-utils-2.17-222.el7.x86_64.rpmLinux
Nscd update (ELSA-2018-0805) nscd-2.17-222.el7.x86_64.rpmLinux
Glibc update (ELSA-2018-0805) glibc-2.17-222.el7.i686.rpmLinux
Glibc-devel update (ELSA-2018-0805) glibc-devel-2.17-222.el7.i686.rpmLinux
Glibc-static update (ELSA-2018-0805) glibc-static-2.17-222.el7.i686.rpmLinux
Glibc update (ELSA-2018-1879) glibc-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc-common update (ELSA-2018-1879) glibc-common-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc-devel update (ELSA-2018-1879) glibc-devel-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc-headers update (ELSA-2018-1879) glibc-headers-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc-static update (ELSA-2018-1879) glibc-static-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc-utils update (ELSA-2018-1879) glibc-utils-2.12-1.212.0.1.el6.x86_64.rpmLinux
Nscd update (ELSA-2018-1879) nscd-2.12-1.212.0.1.el6.x86_64.rpmLinux
Glibc update (ELSA-2018-1879) glibc-2.12-1.212.0.1.el6.i686.rpmLinux
Glibc-common update (ELSA-2018-1879) glibc-common-2.12-1.212.0.1.el6.i686.rpmLinux
Glibc-devel update (ELSA-2018-1879) glibc-devel-2.12-1.212.0.1.el6.i686.rpmLinux
Glibc-headers update (ELSA-2018-1879) glibc-headers-2.12-1.212.0.1.el6.i686.rpmLinux
Glibc-static update (ELSA-2018-1879) glibc-static-2.12-1.212.0.1.el6.i686.rpmLinux
Glibc-utils update (ELSA-2018-1879) glibc-utils-2.12-1.212.0.1.el6.i686.rpmLinux
Nscd update (ELSA-2018-1879) nscd-2.12-1.212.0.1.el6.i686.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-15670)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234