Critical: glibc security and bug fix update - CVE-2015-7547
GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code.
More details and analysis are available in the patch announcement from glibc developers.
The getaddrinfo() function allows a buffer overflow condition in which arbitrary code may be executed. The impact may vary depending on if the use case is local or remote.
CWE-121: Stack-based Buffer Overflow - CVE-2015-7547
DO NOT perform an update of the entire system.
Login to ScaleArc box with idb user and download the following rpms in /tmp directory and Verify your exisiting version of glibc
[idb@scalearc-1 tmp]$ rpm -qa |grep glibc
If you are experiencing issues with ScaleArc or with any of it's features, please contact ScaleArc Support. We are available 24x7 by phone at 855 800 7225 or +1 408 412 7315. For general support inquiries, you can also e-mail us at firstname.lastname@example.org.
2901 Tasman Drive Santa Clara, CA 95054 | Email: email@example.com