Support Content Notification - Support Portal

BSA-2018-616

Product/Component

Brocade Fabric OS

2 more products

Notification Id

21563

Last Updated

05 February 2021

Initial Publication Date

01 April 2019

Status

Closed

Severity

Medium

CVSS Base Score

5.5

WorkAround

Affected CVE

CVE-2017-15804

Summary

Security Advisory ID : BSA-2018-616

Component : bzip2recover

Revision : 2.0

The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.

Affected Products
Security update provided in Brocade Fabric OS v8.2.2c, FOS v7.4.2g, FOS v8.2.0_CBN3, FOS v8.2.1e, FOS v8.1.2k, FOS v9.0.0 and upper releases.

Products Confirmed Not Vulnerable
No other Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Revision History

Version	Change	Date
1.0	Initial Publication	Apr 1, 2019
2.0	Affected products updated	Feb 5, 2021