All vulnerabilities
CVE-2017-8804
Description
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet to port 111, a related issue to CVE-2017-8779. NOTE: [Information provided from upstream and references
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
7.5
Severity
High
Ecosystem
RPM
Publish Date
May 7, 2017
Modified Date
April 16, 2026
Score Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions
