A stack overflow vulnerability was found in nan* functions that could cause applications which process long strings with the nan function to crash or, potentially, execute arbitrary code.
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
Created glibc tracking bugs for this issue:
Affects: fedora-all [bug 1300311]
Mitigation: Do not use any applications which call the affected nan* functions. These functions are used only very rarely.
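
One way to act on the mitigation above is to inventory which dynamically linked binaries import the affected functions. The script below is an added example, not part of the Red Hat bug or of glibc; it assumes binutils `nm` is installed, treats `nan`, `nanf` and `nanl` as the nan* family, and embeds a constructed sample listing.

```shell
#!/bin/sh
# Inventory ELF files that import nan-family functions from libm.
# Assumption: "nan* functions" means the C99 names nan, nanf and nanl.

# filter_nan_imports: read `nm -D --undefined-only` output on stdin and print
# the imported nan-family names, one per line, de-duplicated.
filter_nan_imports() {
    awk '
        # Undefined symbols have a blank address column, so the type
        # letter "U" is the first field and the name is the second.
        $1 == "U" {
            name = $2
            sub(/@.*/, "", name)              # drop "@GLIBC_x.y" version suffix
            if (name ~ /^nan[fl]?$/) print name   # exact match: skips nanosleep
        }
    ' | sort -u
}

# scan_tree DIR: print "path: names" for each file under DIR that imports
# a nan-family function. Non-ELF files make nm fail and are skipped.
scan_tree() {
    find "$1" -type f 2>/dev/null | while IFS= read -r f; do
        hits=$(nm -D --undefined-only "$f" 2>/dev/null | filter_nan_imports | tr '\n' ' ')
        if [ -n "$hits" ]; then
            printf '%s: %s\n' "$f" "$hits"
        fi
    done
    return 0
}

# Constructed sample of nm output, used to exercise the filter offline.
sample_nm_output() {
    cat <<'EOF'
                 U __libc_start_main@GLIBC_2.2.5
                 U nanf@GLIBC_2.2.5
                 U nan
                 U nanosleep@GLIBC_2.2.5
                 U strtod@GLIBC_2.2.5
0000000000001139 T nan_local
EOF
}

# Usage: sh scan_nan.sh /usr/bin   (the script name is a placeholder)
if [ "$#" -gt 0 ]; then
    scan_tree "$1"
fi
```

Statically linked programs carry their own copy of the function and do not appear in this listing, so they need to be reviewed separately.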
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2017:0680 https://rhn.redhat.com/errata/RHSA-2017-0680.html
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:1916 https://access.redhat.com/errata/RHSA-2017:1916