CVE-2015-7510Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Systemd

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer Overflow8 documents7 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 30.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Systemd Project Systemd
Timeline
PublishedSep 25
Latest updateMay 13

Description

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

Debiansystemd_project/systemd< 229-1+3

Patches

Patch: bugzilla.redhat.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-65cx-r47g-rqpv: Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd2022-05-13
CVEList
CVE-2015-7510: Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd2017-09-25
OSV
CVE-2015-7510: Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd2017-09-25

📋Vendor Advisories

2
Red Hat
systemd: Stack overflow in nss-mymachines2015-11-24
Debian
CVE-2015-7510: systemd - Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS mo...2015

💬Community

2
Bugzilla
CVE-2015-7510 systemd: Stack overflow in nss-mymachines [fedora-all]2015-11-24
Bugzilla
CVE-2015-7510 systemd: Stack overflow in nss-mymachines2015-11-23