
Robin Hack

#49313 of 53,622
5 Total CVSS
Vulnerabilities · 1
PT-2015-4008
5.0
2015-03-05
Gnu · Glibc · CVE-2014-8121
**Name of the Vulnerable Software and Affected Versions**

glibc versions 2.21 and earlier

**Description**

The issue is related to the DB_LOOKUP function in the Name Service Switch (NSS) of the GNU C Library, which does not properly check if a file is open. This allows remote attackers to cause a denial of service by triggering an infinite loop when performing a look-up on a database while iterating over it, causing the file pointer to be reset.

**Recommendations**

For glibc versions 2.21 and earlier, update to a version later than 2.21 to resolve the issue. As a temporary workaround, consider restricting access to the DB_LOOKUP function in nss_files/files-XXX.c to minimize the risk of exploitation.