Critical: glibc security and bug fix update - CVE-2015-7547
Release | Classification | Level | DB Platform | Categories |
All | Solution | ![]() |
ALL | Security |
SYMPTOM |
GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code.
More details and analysis are available in the patch announcement from glibc developers.
The getaddrinfo() function allows a buffer overflow condition in which arbitrary code may be executed. The impact may vary depending on if the use case is local or remote.
CWE-121: Stack-based Buffer Overflow - CVE-2015-7547 |
FIX/WORKAROUND |
DO NOT perform an update of the entire system.
Login to ScaleArc box with idb user and download the following rpms in /tmp directory and Verify your exisiting version of glibc
[idb@scalearc-1 tmp]$ rpm -qa |grep glibc |
If you are experiencing issues with ScaleArc or with any of it's features, please contact ScaleArc Support. We are available 24x7 by phone at 855 800 7225 or +1 408 412 7315. For general support inquiries, you can also e-mail us at support@scalearc.com.
Copyright ©2014 ScaleArc, Inc. All rights reserved. Contact Support | Contact ScaleArc | Feedback 2901 Tasman Drive Santa Clara, CA 95054 | Email: support@scalearc.com |
Permalink: https://support.scalearc.com/kb/articles/3084 |