CVE-2015-5229

EPSS 1%
Published 08.04.2016 15:59:00
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not properly initialize memory areas, which might allow context-dependent attackers to cause a denial of service (hang or crash) via unspecified vectors.

Affected products Warnungen 0 Metrics 3 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Enterprise Linux Version6.7

Redhat ≫ Enterprise Linux Version7.2

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Hpc Node Version7.0

Redhat ≫ Enterprise Linux Hpc Node Eus Version7.2

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version7.2

Redhat ≫ Enterprise Linux Server Eus Version7.2

Redhat ≫ Enterprise Linux Workstation Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1%	0.76

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://rhn.redhat.com/errata/RHSA-2016-0176.html

Vendor Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10150

http://www.securityfocus.com/bid/84172

https://bugzilla.redhat.com/show_bug.cgi?id=1246713

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1256285

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1293976

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-5229

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-5229

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-5229

EUVD