The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: realpath buffer underflow when getcwd returns relative path allows privilege escalation * glibc: Buffer overflow in glob with GLOB_TILDE * glibc: Buffer overflow during unescaping of user names with the ~ operator * glibc: denial of service in getnetbyname function * glibc: DNS resolver NULL pointer dereference with crafted record type * glibc: Fragmentation attacks possible when EDNS0 is enabled For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank halfdog for reporting CVE-2018-1000001. The CVE-2015-5180 issue was discovered by Florian Weimer . Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.