Gnu: Security Vulnerabilities
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-24
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
CVSS Score
7.5
EPSS Score
0.01
Published
2017-02-17
Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures.
CVSS Score
7.5
EPSS Score
0.012
Published
2017-02-17
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-02-07
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
CVSS Score
7.5
EPSS Score
0.018
Published
2017-02-07
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-01-23
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode.
CVSS Score
9.8
EPSS Score
0.024
Published
2017-01-23
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
CVSS Score
8.4
EPSS Score
0.001
Published
2017-01-19
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-01-12
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-01-12