vulnerability

Amazon Linux AMI: Security patch for glibc (ALAS-2016-660) (CVE-2015-5229)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Mar 11, 2016	Mar 11, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Mar 11, 2016

Added

Mar 11, 2016

Modified

Oct 30, 2017

Description

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.

Solutions

amazon-linux-upgrade-glibcamazon-linux-upgrade-glibc-commonamazon-linux-upgrade-glibc-debuginfoamazon-linux-upgrade-glibc-debuginfo-commonamazon-linux-upgrade-glibc-develamazon-linux-upgrade-glibc-headersamazon-linux-upgrade-glibc-staticamazon-linux-upgrade-glibc-utilsamazon-linux-upgrade-nscd

References

AMAZON-ALAS-2016-660
CVE-2015-5229
https://attackerkb.com/topics/CVE-2015-5229
REDHAT-RHSA-2016:0176

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report