A flaw was found in glibc where the size of an internal buffer was not correctly computed when processing netgroup requests. A remote attacker able to send netgroup requests that were processed by the nscd daemon could cause the ncsd to crash or, potentially, execute code as the user running nscd. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16695 Upstream patch: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=c44496df2f090a56d3bf75df930592dac6bba46f
Statement: This issue did not affect the versions of glibc as shipped with Red Hat Enterprise Linux 5 as they did not include support for netgroups. Red Hat Enterprise Linux 6 and 7 already include the fixed version of the package.
All versions of glibc-linux-arm-gnu in Fedora are newer than 2.20.