Sign in Subscribe

← All advisories

Critical severity9.8NVD Advisory· Published May 2, 2017· Updated May 13, 2026

CVE-2017-7476

CVE-2017-7476

Description

Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.

Affected products

2

Gnulib/Gnulib
cpe:2.3:a:gnulib:gnulib:*:*:*:*:*:*:*:*
Range: <=2017-04-25
Alpinelinux/Gnulib Before 2017 04 26v5
Range: Gnulib before 2017-04-26

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryVDB Entry
bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingMitigationThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/98098nvdThird Party AdvisoryVDB Entry
security-tracker.debian.org/tracker/CVE-2017-7476nvdThird Party Advisory

News mentions

0

No linked articles in our index yet.