Critical glibc stack-based buffer overflow (CVE-2015-7547)

Created:

2016-11-16 12:41:23 UTC

Modified:

2017-04-24 12:15:14 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Critical glibc stack-based buffer overflow (CVE-2015-7547)

Applicable to:

  • Plesk for Linux

Symptoms

A stack-based buffer overflow was found in libresolv in the code which performs dual A/AAAA DNS queries. A remote attacker could create specially crafted DNS responses which could cause libresolv to crash or potentially execute code with the permissions of the user running the library.

This issue has been rated as having Critical impact by Red Hat Product Security.

This issue did not affect the version of glibc shipped with Red Hat Enterprise Linux 5 or earlier. This issue affected the versions of glibc shipped with Red Hat Enterprise Linux 6 and 7.

Read more details on RedHat site

Resolution

Operation System Vendors already released corresponding updates for the glibc library, please update your OS following standard procedure the as soon as possible:

RedHat/CentOS

Ubuntu

Debian

Have more questions? Submit a request
Please sign in to leave a comment.