Back to bug 1321866
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-03-29 09:47:04 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-29 09:47:04 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-03-29 09:49:13 UTC | Blocks | 1321867 | |
| Florian Weimer | 2016-03-29 10:54:56 UTC | Link ID | Sourceware 19879 | |
| Adam Mariš | 2016-03-29 12:59:54 UTC | Whiteboard | impact=low,public=no,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=new,rhel-5/compat-glibc=new,rhel-6/glibc=new,rhel-6/compat-glibc=new,rhel-7/glibc=new,rhel-7/compat-glibc=new,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=new,rhel-5/compat-glibc=new,rhel-6/glibc=new,rhel-6/compat-glibc=new,rhel-7/glibc=new,rhel-7/compat-glibc=new,fedora-all/glibc=affected |
| Adam Mariš | 2016-03-29 13:00:29 UTC | Summary | EMBARGOED CVE-2016-3075 glibc: Stack overflow in nss_dns_getnetbyname_r | CVE-2016-3075 glibc: Stack overflow in nss_dns_getnetbyname_r |
| Adam Mariš | 2016-03-29 13:00:32 UTC | Group | security, qe_staff | |
| Adam Mariš | 2016-03-29 13:03:22 UTC | Depends On | 1321954 | |
| Adam Mariš | 2016-03-29 14:19:07 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=new,rhel-5/compat-glibc=new,rhel-6/glibc=new,rhel-6/compat-glibc=new,rhel-7/glibc=new,rhel-7/compat-glibc=new,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=new,rhel-5/compat-glibc=new,rhel-6/glibc=new,rhel-6/compat-glibc=new,rhel-7/glibc=affected,rhel-7/compat-glibc=new,fedora-all/glibc=affected |
| Adam Mariš | 2016-03-29 14:19:26 UTC | Depends On | 1321993 | |
| Slawomir Czarko | 2016-03-30 08:25:07 UTC | CC | slawomir | |
| Norman Sardella | 2016-05-16 13:36:59 UTC | CC | sardella | |
| Nathan Galvin | 2016-06-23 14:06:26 UTC | CC | ngalvin | |
| Doran Moppert | 2016-07-25 03:27:20 UTC | Fixed In Version | glibc 2.24 | |
| Doran Moppert | 2016-07-25 03:37:41 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=new,rhel-5/compat-glibc=new,rhel-6/glibc=new,rhel-6/compat-glibc=new,rhel-7/glibc=affected,rhel-7/compat-glibc=new,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=new,rhel-6/glibc=affected,rhel-6/compat-glibc=new,rhel-7/glibc=affected,rhel-7/compat-glibc=new,fedora-all/glibc=affected |
| Doran Moppert | 2016-07-25 03:49:57 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=new,rhel-6/glibc=affected,rhel-6/compat-glibc=new,rhel-7/glibc=affected,rhel-7/compat-glibc=new,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected |
| Yasuhiro Ozone | 2016-07-26 03:28:27 UTC | CC | yozone | |
| Doran Moppert | 2016-08-05 00:38:28 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=4.0/AV:N/AC:H/Au:N/C:N/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected |
| Doran Moppert | 2016-08-05 00:39:57 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=4.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected |
| Doran Moppert | 2016-08-25 03:58:04 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=4.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-121,rhel-5/glibc=affected,rhel-5/compat-glibc=affected,rhel-6/glibc=affected,rhel-6/compat-glibc=affected,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=4.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-121,rhel-5/glibc=wontfix,rhel-5/compat-glibc=wontfix,rhel-6/glibc=wontfix,rhel-6/compat-glibc=wontfix,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected |
| Doran Moppert | 2016-08-25 04:01:34 UTC | Doc Text | A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution. | |
| Huzaifa S. Sidhpurwala | 2016-08-25 05:49:43 UTC | Blocks | 1323912 | |
| Tomas Hoger | 2016-10-19 08:26:44 UTC | Doc Text | A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution. | A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution. |
| Doran Moppert | 2017-02-21 03:52:00 UTC | CC | arjun.is, dj, glibc-bugzilla, law, mfabian, sid | |
| Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=3.7/AV:L/AC:H/Au:N/C:P/I:P/A:P,cvss3=4.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-121,rhel-5/glibc=wontfix,rhel-5/compat-glibc=wontfix,rhel-6/glibc=wontfix,rhel-6/compat-glibc=wontfix,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=5.8/AV:N/AC:H/Au:M/C:P/I:P/A:C,cvss3=7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H,cwe=CWE-121,rhel-5/glibc=wontfix,rhel-5/compat-glibc=wontfix,rhel-6/glibc=wontfix,rhel-6/compat-glibc=wontfix,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected | ||
| Product Security DevOps Team | 2019-06-08 02:50:09 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:50:09 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:46:44 UTC | Whiteboard | impact=low,public=20160329,reported=20160325,source=redhat,cvss2=5.8/AV:N/AC:H/Au:M/C:P/I:P/A:C,cvss3=7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H,cwe=CWE-121,rhel-5/glibc=wontfix,rhel-5/compat-glibc=wontfix,rhel-6/glibc=wontfix,rhel-6/compat-glibc=wontfix,rhel-7/glibc=affected,rhel-7/compat-glibc=affected,fedora-all/glibc=affected |
Back to bug 1321866