glibc-2.17-196.el7

The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

CVE-2014-9761
Multiple stack-based buffer overflows in the GNU C Library (aka glibc
or libc6) before 2.23 allow context-dependent attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via a long argument to the (1) nan, (2) nanf, or (3) nanl
function.
CVE-2015-8776
The strftime function in the GNU C Library (aka glibc or libc6) before
2.23 allows context-dependent attackers to cause a denial of service
(application crash) or possibly obtain sensitive information via an
out-of-range time value.
CVE-2015-8777
The process_envvars function in elf/rtld.c in the GNU C Library (aka
glibc or libc6) before 2.23 allows local users to bypass a
pointer-guarding protection mechanism via a zero value of the
LD_POINTER_GUARD environment variable.
CVE-2015-8778
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23
allows context-dependent attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via the size
argument to the __hcreate_r function, which triggers out-of-bounds
heap-memory access.
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C
Library (aka glibc or libc6) before 2.23 allows context-dependent
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code via a long catalog name.