A new vulnerability has been discovered by Googles Online Security research team. It affects the glibc library and can potentially lead to DOS and code executions. How severe this is to your infrastructure depends on many factors – it is recommended to patch the issue as soon as possible.
“Our initial investigations showed that the issue affected all the versions of glibc since 2.9. You should definitely update if you are on an older version though. If the vulnerability is detected, machine owners may wish to take steps to mitigate the risk of an attack.
The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.” – Google Online Security
CVE-2015-7547 CVSS v2
Further information about CVE-2015-7547
This has been published as an alert in our IT Security Alert Telegram channel as well.