QwikSec

Security Database

CVE

CWE

Training

CVE-2016-5417

Published: Feb 16, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceware.org/bugzilla/show_bug.cgi?id=19257

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=2212c1420c92a33b0e0bd9a34938c9814a56c0f7

x_refsource_CONFIRM

[oss-security] 20160802 glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)

mailing-list

x_refsource_MLIST

[libc-alpha] 20160804 The GNU C Library version 2.24 is now available

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.