CVE-2016-4429
published 2016-06-10CVE-2016-4429: Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial…
medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | glibc | < glibc 2.22-10 (bookworm) | glibc 2.22-10 (bookworm) |
| debian | libtirpc | < glibc 2.22-10 (bookworm) | glibc 2.22-10 (bookworm) |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.10 | 2.19-0ubuntu6.10 |
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.11 | 2.19-0ubuntu6.11 |
| gnu | glibc | < 2.24 | 2.24 |
| gnu | glibc | >= 0 < 2.22-10 | 2.22-10 |
| gnu | glibc | >= 0 < 2.22-10 | 2.22-10 |
| gnu | glibc | >= 0 < 2.22-10 | 2.22-10 |
| gnu | glibc | >= 0 < 2.22-10 | 2.22-10 |
| gnu | glibc | >= 0 < 2.23-0ubuntu6 | 2.23-0ubuntu6 |
| gnu | glibc | >= 0 < 2.23-0ubuntu7 | 2.23-0ubuntu7 |
| android | — | — | |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1.1 | 0.2.5-1.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1.1 | 0.2.5-1.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1.1 | 0.2.5-1.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1.1 | 0.2.5-1.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.2-5ubuntu2.1 | 0.2.2-5ubuntu2.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1ubuntu0.1 | 0.2.5-1ubuntu0.1 |
| libtirpc_project | libtirpc | >= 0 < 0.2.5-1.2ubuntu0.1 | 0.2.5-1.2ubuntu0.1 |
| opensuse | leap | — | — |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH