How to fix glibc vulnerability CVE-2015-7547 on CentOS Linux

Introduction

GNU glibc versions 2.9 through 2.22 contain a buffer overflow vulnerability that may allow a remote attacker to run arbitrary code on your Linux server. The vulnerability is tracked as CVE-2015-7547. For more details, read the following resources:

CERT vulnerability note – VU#457759

Red Hat CVE database – CVE-2015-7547

CentOS 6 and 7 are affected by CVE-2015-7547; CentOS 5 and earlier versions are not. Red Hat has released an updated glibc with a fix for CVE-2015-7547, and this update is available for CentOS as well.

Requirements

Root privileges are required to update glibc on your server. Rebooting the server after the update is highly recommended, so that every running process loads the patched library.

Applying the fix

To make sure that updates are not installed from the YUM cache, clean the cache and then install the updated glibc with the following yum commands:

yum clean all
yum -y update glibc

Check the changelog of the newly installed glibc and make sure that the fix for CVE-2015-7547 is listed there:

rpm -q --changelog glibc | grep CVE-2015-7547
CVE-2015-7547 fix (#1296030).
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).

Reboot the server.
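
The changelog check can be scripted together with a scan for processes that still map the pre-update libc, which is the reason for the reboot. This is an added example, not part of the original article; the function names are hypothetical, and the libc-<version>.so file naming and the "(deleted)" marker in /proc/<pid>/maps are assumptions about how the replaced library appears on CentOS 6/7.

```shell
#!/bin/sh
# Added example: post-update verification for the glibc CVE-2015-7547 fix.
CVE="CVE-2015-7547"

# Return 0 if the changelog text on stdin mentions the CVE.
changelog_has_fix() {
    grep -q "$CVE"
}

# Print the PIDs whose maps file (under $1, default /proc) still references
# a deleted libc-<version>.so, i.e. the old library is still loaded in memory.
# Run as root so that every process's maps file is readable.
stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -Eq '/libc-[^ ]*\.so[^ ]* \(deleted\)' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"     # strip trailing /maps
            echo "${pid##*/}"       # keep only the PID directory name
        fi
    done
}

# Exit status: 0 = patched and clean, 1 = fix not installed,
# 2 = fix installed but some processes still use the old library.
verify_glibc_update() {
    if ! rpm -q --changelog glibc | changelog_has_fix; then
        echo "glibc changelog does not list $CVE: update not applied" >&2
        return 1
    fi
    stale="$(stale_libc_pids)"
    if [ -n "$stale" ]; then
        echo "Fix installed, but these PIDs still map the old libc:" >&2
        echo "$stale" >&2
        return 2
    fi
    echo "glibc fix for $CVE installed; no process maps the old libc"
}

# Run the full check only when asked to: sh check-glibc.sh --run
if [ "${1:-}" = "--run" ]; then
    verify_glibc_update
fi
```

A return status of 2 before the reboot is expected; after the reboot it should be 0.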

Conclusion

This article explained how to apply the fix for CVE-2015-7547 on your CentOS 6/7 server. If you need any help, contact our technical support department.
