Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml (revision 409057) +++ security/vuxml/vuln.xml (working copy) @@ -57,6 +57,48 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + glibc -- stack-based buffer overflow + + + linux_base-c6 + linux_base-c6_64 + 6.7_1 + + + linux_base-f10 + linux_base-c6_64 + 0 + + + + +

Fabio Olive Leite reports:

+
A stack-based buffer overflow was found in libresolv when invoked + from nss_dns, allowing specially crafted DNS responses to seize control of + EIP in the DNS client. + + The buffer overflow occurs in the functions send_dg (send datagram) and + send_vc (send TCP) for the NSS module libnss_dns.so.2 when calling + getaddrinfo with AF_UNSPEC family, or in some cases AF_INET6 family. The + use of AF_UNSPEC (or AF_INET6 in some cases) triggers the low-level resolver + code to send out two parallel queries for A and AAAA. A mismanagement of + the buffers used for those queries could result in the response of a query + writing beyond the alloca allocated buffer created by __res_nquery.
+

+ + + + https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7547 + https://googleonlinesecurity.blogspot.com.ee/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html + + + 2016-02-16 + 2016-02-17 + + + adminer -- remote code execution