Launchpad CVE tracker

CVE 2016-3075

Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.

Related bugs and status

CVE-2016-3075 (Candidate) is related to these bugs:

Bug #1546457: libc6 2.15-0ubuntu10.13 doesn't mark reboot-required

		In	Importance	Status
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Precise)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	eglibc (Ubuntu Trusty)	High	Fix Released
1546457	libc6 2.15-0ubuntu10.13 doesn't mark reboot-required	glibc (Ubuntu Wily)	High	Fix Released

Bug #1560577: Confusing new locale-gen behavior

Summary				In	Importance	Status
	1560577	Confusing new locale-gen behavior		glibc (Ubuntu)	High	Fix Released

Bug #1561621: mosh-server crashed with SIGSEGV in execute_helper()

		In	Importance	Status
1561621	mosh-server crashed with SIGSEGV in execute_helper()	mosh (Ubuntu)	Undecided	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	mosh (Debian)	Unknown	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	GLibC	Medium	Fix Released
1561621	mosh-server crashed with SIGSEGV in execute_helper()	glibc (Ubuntu)	Medium	Confirmed

Bug #1564918: glibc/s390: Save and restore fprs/vrs while resolving symbols.

Summary				In	Importance	Status
	1564918	glibc/s390: Save and restore fprs/vrs while resolving symbols.		glibc (Ubuntu)	High	Fix Released
	1564918	glibc/s390: Save and restore fprs/vrs while resolving symbols.		Ubuntu on IBM z Systems	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-3075

References