CVE-2014-9761
glibc: Unbounded stack allocation in nan* functions
Severity Score
Exploit Likelihood
Affected Versions
23Public Exploits
2Exploited in Wild
-Decision
Descriptions
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2) nanf, or (3) nanl function.
Múltiples desbordamientos de buffer basado en pila en la GNU C Library (también conocida como glibc o libc6) en versiones anteriores a 2.23 permiten a atacantes dependientes del contexto causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbirario a través de un argumento largo en la función (1) nan, (2) nanf o (3) nanl.
A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code.
Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-05-26 CVE Published
- 2016-01-19 CVE Reserved
- 2019-06-13 First Exploit
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (26)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-E... | X_refsource_misc |
|
| http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-Bus... | X_refsource_misc |
|
| http://seclists.org/fulldisclosure/2019/Jun/18 | Mailing List |
|
| http://seclists.org/fulldisclosure/2019/Sep/7 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2016/01/19/11 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2016/01/20/1 | Mailing List |
|
| http://www.securityfocus.com/bid/83306 | Vdb Entry | |
| https://seclists.org/bugtraq/2019/Jun/14 | Mailing List |
|
| https://seclists.org/bugtraq/2019/Sep/7 | Mailing List |
|
| https://sourceware.org/bugzilla/show_bug.cgi?id=16962 | X_refsource_confirm |
| URL | Date | SRC |
|---|