MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
February
Sun Mon Tue Wed Thu Fri Sat
 
16
         
2016
Months
Feb


Tue, Feb 16, 2016 11:48 pm

glibc getaddrinfo stack-based buffer overflow vulnerability on Linux systems

A serious vulnerability in the GNU C Library, commonly known as glibc, were widely reported today. The GNU C Library is widely used on Linux systems and is used within routers that rely on Linux for their firmware. The vulnerability is within the getaddrinfo function that converts domain names, hostnames, and IP addresses between human-readable text and the structured binary formats used by the operating system. The vulnerability permits a buffer overflow attack to potentially allow the execution of arbitrary code on an affected system by an attacker.

An attacker could take advantage of the vulnerability through a lookup on an attacker controlled domain name or through compromised Domain Name System (DNS) servers, or via a man-in-the-middle attack where an attacker has the capabililty to alter DNS data flowing to/from the vulnerable system and DNS servers.

The vulnerability has been given the Common Vulnerabilities and Exposures (CVE) designation CVE-2015-7547. The issue was detected by Google researchers investigating a segmentation fault issue they encountered with a Secure Shell (SSH) application. The researches traced the issue to a buffer overflow inside glibc. When they reported the issue to the glibc maintainers, they found that the maintainers had been informed of the vulnerability in July and that individuals involved with the Red Hat distribution of Linux had also discovered the vulnerability and were working on a fix for it. The Google researchers disclosed the vulnerability today.

If you are responsible for a Linux system or other equipment that uses glibc, you should update the software as soon as feasible. If you have a system that uses the RPM Package Manager, you can see what version of glibc is installed and the build date for the package with rpm -qi glibc. On systems that use the open-source command-line package-management utility yum, you can issue the command yum update glibc from the root account. The currently available version for CentOS Linux systems is glibc 2.17. CentOS is functionally compatible with its upstream source, Red Hat Enterprise Linux (RHEL)

References:

  1. Extremely severe bug leaves dizzying number of software and devices vulnerable
    By Dan Goodin
    Date: February 16, 2016 Ars Technica
  2. CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow
    Posted By: Fermin J. Serna, Staff Security Engineer and Kevin Stadmeyer, Technical Program Manager for Google
    Date Posted: February 16, 2016
    Google Online Security Blog

[/security/vulnerabilities/linux] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo