IBM MQ Appliance has addressed a vulnerability in GNU C library (glibc).
CVEID:CVE-2017-8804
**DESCRIPTION:*glibc is vulnerable to a denial of service, caused by improper handling of buffer deserialization in the xdr_bytes and xdr_string functions. By sending a specially-crafted UDP packet, a remote attacker could exploit this vulnerability to cause virtual memory allocation, or memory consumption on the system.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/125760 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.7
IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Continuous delivery updates between 9.0.1 and 9.0.3
IBM MQ Appliance 8.0
Apply fixpack 8.0.0.8
IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Apply Continuous Delivery Release 9.0.4
None