Support Content Notification - Support Portal

BSA-2018-606

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21346

Last Updated

05 February 2021

Initial Publication Date

01 April 2019

Status

Closed

Severity

Medium

CVSS Base Score

9.8

WorkAround

Affected CVE

CVE-2017-15670

Summary

Security Advisory ID : BSA-2018-606

Component : bzip2recover

Revision : 2.0

The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.

Affected Products
Security update provided in Brocade Fabric OS v8.2.2c, FOS v7.4.2g, FOS v8.2.0_CBN3, FOS v8.2.1e, FOS v8.1.2k, FOS v9.0.0 and upper releases.

Products Confirmed Not Vulnerable
No other Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	Apr 1, 2019
2.0	Affected products updated	Feb 5, 2021