CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow vulnerability


A new vulnerability has been discovered by Google's Online Security research team. It affects the glibc library and can potentially lead to denial of service (DoS) and code execution. How severe this is for your infrastructure depends on many factors – it is recommended to patch the issue as soon as possible.

“Our initial investigations showed that the issue affected all the versions of glibc since 2.9. You should definitely update if you are on an older version though. If the vulnerability is detected, machine owners may wish to take steps to mitigate the risk of an attack.

“The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.” – Google Online Security
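A quick way to see whether a host falls in the version range the quote gives (glibc 2.9 and later), as an added example rather than code from the original post or from Google. It assumes `getconf GNU_LIBC_VERSION` is available, as on glibc-based Linux; the function names and the sample package suffix are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): is this glibc in the range the
# advisory names, i.e. 2.9 or later? Components are compared numerically,
# because a plain string comparison sorts "2.10" before "2.9".

# Returns 0 if version >= 2.9, 1 if older, 2 if it cannot be parsed.
glibc_in_affected_range() {
    ver=${1#glibc }          # accept "glibc 2.17" as printed by getconf
    ver=${ver%%[!0-9.]*}     # drop a package suffix such as "-106.el7" (constructed)
    major=${ver%%.*}
    rest=${ver#*.}
    [ "$rest" != "$ver" ] || return 2      # no dot: not major.minor
    minor=${rest%%.*}
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    [ "$major" -gt 2 ] && return 0
    [ "$major" -eq 2 ] && [ "$minor" -ge 9 ] && return 0
    return 1
}

# Report on the running system; on non-glibc systems getconf fails.
check_local_glibc() {
    local_ver=$(getconf GNU_LIBC_VERSION 2>/dev/null) || local_ver=""
    if [ -z "$local_ver" ]; then
        echo "glibc version not available (not a glibc system?)"
        return 0
    fi
    rc=0
    glibc_in_affected_range "$local_ver" || rc=$?
    case $rc in
        0) echo "$local_ver: in the range named by the advisory (2.9 and later)"
           echo "confirm the installed package carries the CVE-2015-7547 fix" ;;
        1) echo "$local_ver: older than 2.9; the advisory still recommends updating" ;;
        *) echo "could not parse version string: $local_ver" ;;
    esac
}

check_local_glibc
```

The upstream version number alone does not show whether a distribution has backported the fix, so a result in the affected range is a prompt to check the installed package's changelog for CVE-2015-7547.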

CVE-2015-7547 CVSS v2

Base Score: 6.1
Base Metrics: AV:N/AC:H/Au:N/C:N/I:C/A:P
Access Vector: Network
Access Complexity: High
Authentication: None
Confidentiality Impact: None
Integrity Impact: Complete
Availability Impact: Partial

Further information about CVE-2015-7547

This has been published as an alert in our IT Security Alert Telegram channel as well.