DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Suse_linux_enterprise_desktop | Suse | 11-sp3 (including) | 11-sp3 (including) |
Suse_linux_enterprise_desktop | Suse | 11-sp4 (including) | 11-sp4 (including) |
Suse_linux_enterprise_server | Suse | 11.0-sp3 (including) | 11.0-sp3 (including) |
Suse_linux_enterprise_server | Suse | 11.0-sp4 (including) | 11.0-sp4 (including) |