Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-12133

Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.

Related bugs and status

CVE-2017-12133 (Candidate) is related to these bugs:

Bug #1703368: [FFe] [17.10 FEAT] upgrade to newest version of glibc >=2.26

Summary				In	Importance	Status
	1703368	[FFe] [17.10 FEAT] upgrade to newest version of glibc >=2.26		glibc (Ubuntu)	Undecided	Fix Released
	1703368	[FFe] [17.10 FEAT] upgrade to newest version of glibc >=2.26		Ubuntu on IBM z Systems	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://sourceware.org...
CONFIRM: https://sourceware.org...
FEDORA: FEDORA-2017-270ab2baa3
BID: 100679
UBUNTU: USN-4416-1