Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

Critical: glibc security and bug fix update

Daniel Nashed  17 February 2016 14:02:45

There is a critical issue in the glibc library that Linux and other systems use.

The best short description I found is the following:

"A stack-based buffer overflow was found in the way the libresolv library
performed dual A/AAAA DNS queries. A remote attacker could create a
specially crafted DNS response which could cause libresolv to crash or,
potentially, execute code with the permissions of the user running the
library. Note: this issue is only exposed when libresolv is called from the
nss_dns NSS service module. (CVE-2015-7547)"

Red Hat has already released patches:

https://rhn.redhat.com/errata/RHSA-2016-0175.html
https://sourceware.org/bugzilla/show_bug.cgi?id=18665

There is also a patch from SuSE:

https://www.suse.com/support/update/announcement/2016/suse-su-20160470-1.html

I have already updated my CentOS 6 Linux machines (via yum update).

Another interesting link is from Heise with some details in German:

http://www.heise.de/newsticker/meldung/glibc-Dramatische-Sicherheitsluecke-in-Linux-Netzwerkfunktionen-3107621.html

Thanks to my friend Harvey Pope for pointing me to this bug and sending me the Heise link!

Daniel
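
A post-update check, as an added example that is not part of the original post: it confirms that the installed glibc package lists the fix and finds processes that still run on the old library files. It assumes an RPM-based system whose glibc changelog names CVE ids; the function names and sample data are constructed, and X.Y is a placeholder version.

```shell
#!/bin/sh
# Added example (not from the original post): post-update checks for CVE-2015-7547.
CVE_ID="CVE-2015-7547"   # identifier quoted in the advisory text above

# Succeeds if the package changelog on stdin mentions the CVE.
# Real use (assumes an RPM-based system): rpm -q --changelog glibc | changelog_mentions_cve
changelog_mentions_cve() {
    grep -q -F -- "$CVE_ID"
}

# Reads /proc/<pid>/maps text on stdin; prints glibc libraries that are still
# mapped into the process although the file was replaced on disk ("(deleted)").
stale_glibc_libs() {
    awk 'NF >= 7 && $NF == "(deleted)" &&
         $(NF-1) ~ /\/(libc|libresolv|libnss_dns)[-.]/ { print $(NF-1) }' | sort -u
}

# Walks all readable /proc/<pid>/maps files and lists processes to restart.
scan_running_processes() {
    for maps in /proc/[0-9]*/maps; do
        libs=$(cat "$maps" 2>/dev/null | stale_glibc_libs | tr '\n' ' ')
        if [ -n "$libs" ]; then
            pid=${maps#/proc/}
            echo "restart needed: pid ${pid%/maps} -> $libs"
        fi
    done
    return 0
}

# Constructed sample data (X.Y is a placeholder version, not a real one).
SAMPLE_CHANGELOG='* constructed changelog entry
- Fix stack overflow in dual A/AAAA DNS queries (CVE-2015-7547)'
SAMPLE_MAPS='7f10a0000000-7f10a018a000 r-xp 00000000 fd:00 1311 /lib64/libc-X.Y.so (deleted)
7f10a0400000-7f10a0416000 r-xp 00000000 fd:00 1320 /lib64/libresolv-X.Y.so (deleted)
7f10a0800000-7f10a0805000 r-xp 00000000 fd:00 1400 /lib64/libcap.so.2
7f10a0c00000-7f10a0c20000 r-xp 00000000 fd:00 1500 /tmp/scratch.bin (deleted)'

if printf '%s\n' "$SAMPLE_CHANGELOG" | changelog_mentions_cve; then
    echo "sample changelog: fix for $CVE_ID is listed"
fi
printf '%s\n' "$SAMPLE_MAPS" | stale_glibc_libs | sed 's/^/sample process still maps: /'
```

Run scan_running_processes as root after the update; any process it lists (a running Domino server included) keeps using the old glibc code until it is restarted.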

