glibc getaddrinfo stack-based buffer overflow Vulnerability

Summary

On 16 February 2016, Red Hat identified the glibc getaddrinfo stack-based buffer overflow vulnerability affecting Red Hat platforms 6 using glibc versions 2.10 and above. NOTE: Red Hat states that platforms 3-5 are not vulnerable (i.e., glibc version 2.9 and below are not at risk). This article is designed to provide you with the latest information on the vulnerability.

Please note that as of February 19th, 2016 the vulnerability has been patched on all our web solutions.

Threat Description

The vulnerability within the glibc DNS side resolver represents a weakness in the stack-based buffer overflow when the getaddrinfo function is used. The attacker could exploit the system using masked Domain Names, attacker controlled DNS servers, or through a man-in-the-middle attack. A successful exploitation could lead to denial of service (DoS), system crashes, or remote code execution on the client.

A note on remote code execution: although it is possible for an attacker to infiltrate the client, bypassing the existing security mitigations on the system and crafting special packets to properly initiate the overflow is challenging and would require great skill and knowledge of the solution itself.

For further information on this vulnerability, please see the following article: https://access.redhat.com/security/cve/cve-2015-7547.

Vital Effect has written 8 articles

Vital Effect, whose services originated in 1997, is a leading company for website design & new media development. Their professional creative team offers extensive experience to help drive you to success.