Vulnerability CVE-2015-5180: Information

Description

res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-5180

Published: June 27, 2017

Modified: Feb. 13, 2023

Error type identifier: CWE-476

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
glibc	sisyphus	2.25-alt1	2.38.0.76.e9f05fa1c6-alt1	ALT-PU-2017-1429-1	181030	Fixed
glibc	p10	2.25-alt1	2.32-alt5.p10.3	ALT-PU-2017-1429-1	181030	Fixed
glibc	p9	2.25-alt1	2.27-alt14	ALT-PU-2017-1429-1	181030	Fixed
glibc	c10f1	2.25-alt1	2.32-alt5.p10.3	ALT-PU-2017-1429-1	181030	Fixed
glibc	c9f2	2.25-alt1	2.27-alt14	ALT-PU-2017-1429-1	181030	Fixed
glibc	c7	2.17-alt5.M70C.13	2.17-alt5.M70C.14	ALT-PU-2017-2198-1	188136	Fixed
glibc	p11	2.25-alt1	2.38.0.76.e9f05fa1c6-alt1	ALT-PU-2017-1429-1	181030	Fixed

Hyperlink	Resource
[libc-alpha@sourceware.org] 20170205 The GNU C Library version 2.25 is now available	Release Notes Third Party Advisory
https://sourceware.org/bugzilla/show_bug.cgi?id=18784	Issue Tracking Third Party Advisory
https://sourceware.org/bugzilla/attachment.cgi?id=8492	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=1249603	Issue Tracking Patch Third Party Advisory VDB Entry
USN-3239-2	Third Party Advisory
USN-3239-1	Third Party Advisory
GLSA-201706-19	Third Party Advisory
99324	Third Party Advisory VDB Entry
RHSA-2018:0805
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=fc82b0a2dfe7dbd35671c10510a8da1043d746a5

Version: v24.5.3