Upstream information
Description
The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
National Vulnerability Database | SUSE | |
---|---|---|
Base Score | 5 | 4 |
Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P | AV:N/AC:H/Au:N/C:P/I:N/A:P |
Access Vector | Network | Network |
Access Complexity | Low | High |
Authentication | None | None |
Confidentiality Impact | None | Partial |
Integrity Impact | None | None |
Availability Impact | Partial | Partial |
Note from the SUSE Security Team
This issue was in a Redhat specific glibc patch and so does not affect SUSE or openSUSE. SUSE Bugzilla entry: 943015 [RESOLVED / INVALID] No SUSE Security Announcements cross referenced.List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Liberty Linux 7 |
| Patchnames: RHSA-2016:0176 |
SUSE Timeline for this CVE
CVE page created: Mon Aug 24 13:15:16 2015CVE page last modified: Mon Oct 30 17:17:39 2023