CVE
CVE-2017-8804
| CVE ID |
CVE-2017-8804
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
2.17-326_ol007.el7_9.3
|
| Patch Date |
|
Additional Information
NVD Listing: https://nvd.nist.gov/vuln/detail/CVE-2017-8804
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references