vulnerability

Amazon Linux AMI: Security patch for glibc (ALAS-2016-660) (CVE-2015-5229)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 11, 2016	Mar 11, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 11, 2016

Added

Mar 11, 2016

Modified

Oct 30, 2017

Description

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.

Solutions

amazon-linux-upgrade-glibcamazon-linux-upgrade-glibc-commonamazon-linux-upgrade-glibc-debuginfoamazon-linux-upgrade-glibc-debuginfo-commonamazon-linux-upgrade-glibc-develamazon-linux-upgrade-glibc-headersamazon-linux-upgrade-glibc-staticamazon-linux-upgrade-glibc-utilsamazon-linux-upgrade-nscd

References

AMAZON-ALAS-2016-660
CVE-2015-5229
https://attackerkb.com/topics/CVE-2015-5229
REDHAT-RHSA-2016:0176

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today