DEPRECATED: Code

CVE-2014-8121

Medium

5/10

Summary

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

CWE-17 - DEPRECATED: Code

This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

References

Advisory Timeline

Published Mar 27, 2015

DEPRECATED: Code

CVE-2014-8121

Summary

CWE-17 - DEPRECATED: Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS