CVE-2015-8776

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

Affected Software

Name	Vendor	Start Version	End Version
Linux_enterprise_debuginfo	Suse	11-sp2 (including)	11-sp2 (including)
Linux_enterprise_debuginfo	Suse	11-sp3 (including)	11-sp3 (including)
Linux_enterprise_debuginfo	Suse	11-sp4 (including)	11-sp4 (including)
Opensuse	Opensuse	13.2 (including)	13.2 (including)
Linux_enterprise_desktop	Suse	11-sp3 (including)	11-sp3 (including)
Linux_enterprise_desktop	Suse	11-sp4 (including)	11-sp4 (including)
Linux_enterprise_desktop	Suse	12 (including)	12 (including)
Linux_enterprise_desktop	Suse	12-sp1 (including)	12-sp1 (including)
Linux_enterprise_server	Suse	11-sp2 (including)	11-sp2 (including)
Linux_enterprise_server	Suse	11-sp3 (including)	11-sp3 (including)
Linux_enterprise_server	Suse	11-sp4 (including)	11-sp4 (including)
Linux_enterprise_server	Suse	12-sp1 (including)	12-sp1 (including)
Linux_enterprise_software_development_kit	Suse	11-sp3 (including)	11-sp3 (including)
Linux_enterprise_software_development_kit	Suse	11-sp4 (including)	11-sp4 (including)
Linux_enterprise_software_development_kit	Suse	12 (including)	12 (including)
Linux_enterprise_software_development_kit	Suse	12-sp1 (including)	12-sp1 (including)
Suse_linux_enterprise_server	Suse	12 (including)	12 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8776
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References