CVE-2014-8121 (retired)

Priority
Description
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU
C Library (aka glibc or libc6) 2.21 and earlier does not properly check if
a file is open, which allows remote attackers to cause a denial of service
(infinite loop) by performing a look-up on a database while iterating over
it, which triggers the file pointer to be reset.
Ubuntu-Description
Robin Hack discovered that the Name Service Switch (NSS)
implementation in the GNU C Library did not properly manage its file
descriptors. An attacker could use this to cause a denial of service
(infinite loop).
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (2.15-0ubuntu10.14)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-08-23 09:04:28 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)