
[SBR Carrier] Impact on “CVE-2015-7547 – glibc DNS client side resolver stack-based buffer overflow” vulnerability on SBR Carrier


Article ID: KB30745 KB Last Updated: 04 Mar 2017 Version: 2.0

Summary:

A stack-based buffer overflow was found in the glibc library shipped with Red Hat Enterprise Linux (RHEL), in the code which performs dual A/AAAA DNS queries. The issue is described on Red Hat's website:

Critical security flaw: CVE-2015-7547 – glibc DNS client side resolver stack-based buffer overflow

This creates a vulnerability in SBR Carrier devices. This article explains the issue and provides a link to the Red Hat site which provides mitigation.

Symptoms:

Is an SBR Carrier device running on RHEL 6 or 7 affected by the CVE-2015-7547 vulnerability?


Cause:

The glibc package of Linux contains standard libraries which are used by multiple programs on the system. A stack-based buffer overflow was found in libresolv in the code which performs dual A/AAAA DNS queries. SBR Carrier devices running on RHEL 6 or RHEL 7 are vulnerable, due to the underlying OS glibc library.

Solution:

To mitigate this vulnerability in SBR Carrier devices installed on RHEL 6 or 7 servers, update the glibc package provided by Red Hat. The following link from Red Hat has more information on how to do this:

Critical security flaw: glibc stack-based buffer overflow in getaddrinfo() (CVE-2015-7547)

Note: SBR Carrier devices running on Solaris are not affected.
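
The script below is an added example, not part of the original article or of Juniper or Red Hat tooling, for confirming the mitigation on a RHEL 6 or 7 host. It assumes the Red Hat glibc package changelog names the CVE once the fix is installed, and it lists processes that still map the replaced libc or libresolv and so keep running the old code until they are restarted. The function names and the "report" argument are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: post-update checks for CVE-2015-7547 on a RHEL 6/7 host.
CVE="CVE-2015-7547"

# Exit 0 if the RPM changelog text on stdin mentions the CVE.
# Assumption: the fixed Red Hat glibc build names the CVE in its changelog.
changelog_mentions_cve() {
    grep -q -- "$CVE"
}

# Print PIDs whose memory map still references a deleted libc/libresolv,
# i.e. processes started before the update and not yet restarted.
# $1: proc root (defaults to /proc; a parameter so it can be exercised offline).
stale_glibc_pids() {
    local root maps pid
    root="${1:-/proc}"
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # The old file shows as "libc-<ver>.so (deleted)", sometimes with an
        # RPM temporary suffix such as ";56c2a1b3" before " (deleted)".
        if grep -Eq '/lib(c|resolv)[-.][^ ]*\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            echo "${pid##*/}"
        fi
    done
}

# Combine both checks into a short report for the local host.
report() {
    local pids
    if rpm -q --changelog glibc | changelog_mentions_cve; then
        echo "glibc changelog lists $CVE"
    else
        echo "glibc changelog does not list $CVE: update the glibc package"
    fi
    pids="$(stale_glibc_pids | tr '\n' ' ')"
    if [ -n "$pids" ]; then
        echo "processes still mapping the old glibc (restart them): $pids"
    fi
}

# Run the report only when asked, e.g. "./check_glibc.sh report" as root.
if [ "${1:-}" = "report" ]; then
    report
fi
```

Run it as root so that the maps files of all processes, including the SBR Carrier daemons, are readable.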

