How to fix glibc vulnerability CVE-2015-7547 on CentOS Linux
GNU glibc library versions from 2.9 to 2.22 contain a buffer overflow vulnerability which may allow a remote attacker to run arbitrary code on your Linux server. This vulnerability is published on CVE-2015-7547. Fore more details, read following resources:
CERT vulnerability note – VU#457759
Red Hat CVE database – CVE-2015-7547
CentOS 6 and 7 are affected by CVE-2015-7547, CentOS 5 and earlier versions are not affected. Red Hat has released updated glibc with fix for CVE-2015-7547. This update is available for CentOS as well.
To update glibc on your server, root user privilege is required. It is highly recommended to reboot server after this update.
Applying the fix
To make sure that updates are not installed from YUM cache, clean up the cache and then install updated glibc with following yum commands:
yum clean all yum -y update glibc
Check changelog of newly installed glibc and make sure that fix for CVE-2015-7547 is listed there:
rpm -q --changelog glibc | grep CVE-2015-7547
CVE-2015-7547 fix (#1296030). - Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).
This article explained how to apply fix for CVE-2015-7547 on your CentOS 6/7 server. In case you need any help, contact our technical support department.