Vulnerability identifier: #VU6434
Vulnerability risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-400
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Glibc
Universal components / Libraries /
Libraries used by multiple products
Vendor: GNU
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in xdr_bytes() and xdr_string() functions when processing RPC data in the GNU C Library (aka glibc or libc6). A remote unauthenticated attacker can send a specially crafted UDP request to port 111 (rpcbind) and consume up to 4 gigabytes of memory per request.
Successful exploitation of this vulnerability may result in denial of service (DoS) conditions.
The issue is related to: https://www.cybersecurity-help.cz/vdb/SB2017050801
Mitigation
Install patch from vendor's website.
Vulnerable software versions
Glibc: 2.25
External links
http://www.openwall.com/lists/oss-security/2017/05/05/2
http://bugzilla.suse.com/show_bug.cgi?id=1037559#c7
http://sourceware.org/bugzilla/show_bug.cgi?id=21461
http://sourceware.org/ml/libc-alpha/2017-05/msg00105.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.