new vulnerability

Asked by WcMinor on 2016-02-16

Has someone seen this? https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html

An attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library.

Best,

Dario

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu glibc Edit question
Assignee:
No assignee Edit question
Last query:
2016-02-16
Last reply:
2016-02-16

I suggest you report a bug. Mark it as a security issue.

Manfred Hampl (m-hampl) said : #2

The problem seems to be known but not resolved yet
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7547.html

Can you help with this problem?

Provide an answer of your own, or ask WcMinor for more information if necessary.

To post a message you must log in.