Critical severity9.8NVD Advisory· Published May 2, 2017· Updated Jun 17, 2026
CVE-2017-7476
CVE-2017-7476
Description
Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords4 versionspkg:apk/chainguard/gnulibpkg:apk/wolfi/gnulibpkg:rpm/opensuse/coreutils&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/emacs&distro=openSUSE%20Tumbleweed
< 0+ 3 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 8.32-8.5
- (no CPE)range: < 27.2-6.2
Patches
Vulnerability mechanics
References
5- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingMitigationThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/98098nvdThird Party AdvisoryVDB Entry
- security-tracker.debian.org/tracker/CVE-2017-7476nvdThird Party Advisory
- git.savannah.gnu.org/gitweb/nvd
News mentions
0No linked articles in our index yet.