RSS Feed
News
Feb
18
Linux Glibc Getaddrinfo Stack-based Buffer Overflow Zero Day Vulnerability CVE-2015-7547 and CVE-2015-5229
Posted by Chris -'- Ahosting Support Team on 18 February 2016 07:50 AM

Hello,

This is a courtesy notice to let you know about the (Linux Glibc Getaddrinfo Stack-based Buffer Overflow Zero Day Vulnerability).

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This package contains the standard C library against which all GNU/Linux programs are linked.

Fix the Glibc Getaddrinfo vulnerability on a RHEL/CentOS Linux
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Type the following yum command:

$ sudo yum clean all
$ sudo yum update


After the update is applied you need to reboot the system or restart all affected services:

Because this vulnerability affects a large amount of applications on the system, the safest and recommended way to assure every application uses the updated glibc packages is to restart the system.

In case you are unable to restart the entire system after applying the update, execute the following command to list all running processes (not restricted to services) still using the old [in-memory] version of glibc on your system.


lsof +c0 -d DEL | awk 'NR==1 || /libc-/ {print $2,$1,$4,$NF}' | column -t

From the resulting list, identify the public-facing services and restart them.

You can find more details from the links below.

https://access.redhat.com/security/cve/cve-2015-7547
https://access.redhat.com/articles/2161461

If you are not running any systems on CentOS 6 or 7:
Your services are unaffected by this vulnerability.

If you have any questions, please do not hesitate to open a ticket with our helpdesk.


Comments (0)
Help Desk Software by Kayako fusion