CVE-2011-5320

Priority
Description
scanf and related functions in glibc before 2.15 allow local users to cause
a denial of service (segmentation fault) via a large string of 0s.
Notes
 sarnold> other long strings also crash scanf but only 0 is representable,
  the standard is slightly lenient here. Second patch may not be strictly
  necessary, see the discussion at the bug report for opinions.
Package
Source: glibc (LP Ubuntu Debian)
Upstream:released (2.15)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Upstream:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3f8cc204fdd0
Upstream:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=20b38e0
More Information

Updated: 2019-03-19 12:02:18 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)