oss-sec mailing list archives

Re: CVE request: glibc

From: cve-assign () mitre org
Date: Wed, 17 Dec 2014 19:40:52 -0500 (EST)


On Mon, 15 Dec 2014, Florian Weimer wrote:

The getnetbyname function in glibc 2.21 in earlier will enter an infiniteloop if the DNS backend is activated in the system Name Service Switchconfiguration, and the DNS resolver receives a positive answer whileprocessing the network name.
Upstream reference:

 <https://sourceware.org/bugzilla/show_bug.cgi?id=17630>


Use CVE-2014-9402.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Current thread:

CVE request: glibc Florian Weimer (Dec 15)
- Re: CVE request: glibc cve-assign (Dec 17)