RedHat released Patch for CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow.
A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
This vulnerability could allow a remote user to execute code as a privileged user and hence has been highlighted as Critical by Red Hat Product Security. All versions of the glibc package saw effect by this flaw.
This is a serious vulnerability. So I highly recommend to patch the servers. You can find out whether your server is vulnerable or not by running the following command
rpm -q –changelog glibc | grep CVE-2015-7547
If the output of this command shows the following result then the server is already patched.
– Update fix for CVE-2015-7547 (#1296028).
– Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296028).
If there is no output available for the command that i mention above, then you need to patch the server using the following steps
Step 1 : You need to update the glibc package on the server.
For CentOS server, you can do this by running the command: yum -y upgrade glibc
For Unbuntu server, you can do this by running the command: apt-get install –only-upgrade libc6 -y
Step 2 : Reboot the server.
For re-confirmation you can try to execute following command again
rpm -q –changelog glibc | grep CVE-2015-7547
If the above mentioned output shows, then its patched! Now you can relax and set back.
Stay Secure!
References
Get in touch with SecureLayer7 today to strengthen your vulnerability management program and stay ahead of evolving cyber threats.