Introduction

GNU glibc library versions from 2.9 to 2.22 contain a buffer overflow vulnerability which may allow a remote attacker to run arbitrary code on your Linux server. This vulnerability is published as CVE-2015-7547. For more details, read the following resources:

http://www.kb.cert.org/vuls/id/457759
https://access.redhat.com/security/cve/CVE-2015-7547

CentOS 6 and 7 are affected by CVE-2015-7547; CentOS 5 and earlier versions are not affected. Red Hat has released an updated glibc with a fix for CVE-2015-7547. This update is available for CentOS as well.
Requirements

To update glibc on your server, root privileges are required. It is highly recommended to reboot the server after this update, because every running process that loaded the old glibc keeps using the vulnerable copy until it is restarted.
Applying the fix

To make sure that updates are not installed from the YUM cache, clean up the cache and then install the updated glibc with the following yum commands:
yum clean all
yum -y update glibc
Check the changelog of the newly installed glibc and make sure that the fix for CVE-2015-7547 is listed there:
rpm -q --changelog glibc | grep CVE-2015-7547
CVE-2015-7547 fix (#1296030).
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).
Reboot the server.
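As an added example (not part of the original article), the following POSIX shell helpers automate the two checks a practitioner wants after the update: that the installed changelog lists the CVE, and which processes still map the pre-update libc (shown as "(deleted)" in /proc/PID/maps), which is exactly why the reboot is recommended. The sample inputs in the comments are constructed; the /proc path layout and the libc file naming (libc-2.12.so, libc-2.17.so) are assumptions matching CentOS 6 and 7.

```shell
#!/bin/sh
# Post-update verification helpers for the glibc CVE-2015-7547 fix.
# Added example, not code from the original article.

# Return 0 if the glibc changelog piped on stdin mentions the given CVE id.
# Usage: rpm -q --changelog glibc | changelog_has_fix CVE-2015-7547
changelog_has_fix() {
    grep -q "$1"
}

# Given the contents of one /proc/<pid>/maps file on stdin, print 1 if the
# process still maps a libc that has since been replaced on disk (the kernel
# marks such mappings "(deleted)"), otherwise print 0.
# Constructed sample line that yields 1:
#   7f00-7f01 r-xp 00000000 fd:01 123 /lib64/libc-2.12.so (deleted)
maps_uses_deleted_libc() {
    if grep -E '/libc(-[0-9.]+)?\.so[0-9.]*.*\(deleted\)' >/dev/null; then
        echo 1
    else
        echo 0
    fi
}

# Walk /proc and print "<pid> <cmdline>" for every process that still runs
# the old libc. An empty list means no process needs restarting; a non-empty
# one is the case the article's "reboot the server" step resolves.
list_stale_libc_pids() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}
        pid=${pid%/maps}
        [ -r "$maps" ] || continue   # skip processes we may not inspect
        if [ "$(maps_uses_deleted_libc < "$maps")" = 1 ]; then
            echo "$pid $(tr '\0' ' ' < "/proc/$pid/cmdline" 2>/dev/null)"
        fi
    done
}

# Top-level run (only meaningful on the patched host, as root):
#   rpm -q --changelog glibc | changelog_has_fix CVE-2015-7547 || echo "fix not listed"
#   list_stale_libc_pids
```

Run the two commented top-level lines as root right after `yum -y update glibc`; any PID printed by `list_stale_libc_pids` is a reason to reboot (or at least restart that service).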