oss-sec mailing list archives
CVE-2015-7547: stack-based buffer overflow in glibc's getaddrinfo function
From: Florian Weimer <fweimer () redhat com>
Date: Tue, 16 Feb 2016 15:17:05 +0100
Hi, today, we are disclosing a vulnerability in the nss_dns backend for getaddrinfo, related to handling dual A/AAAA queries: The security impact of this issue was discovered roughly at the same time by the Google Security Team and Red Hat. Background information: https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html Thanks, Florian
Current thread:
- CVE-2015-7547: stack-based buffer overflow in glibc's getaddrinfo function Florian Weimer (Feb 16)