Buffer Overflow in GNU C Library Affecting Various Linux Distributions
CVE-2015-1781

Currently unrated

Key Information:

Vendor

Suse
Status
Linux Enterprise Server
Linux Enterprise Desktop
Linux Enterprise Debuginfo
Vendor
CVE Published:
28 September 2015

What is CVE-2015-1781?

A vulnerability in the GNU C Library allows context-dependent attackers to exploit a buffer overflow during the processing of DNS responses. This exploitation may lead to unintended denial of service conditions, including application crashes, or may grant the ability to execute arbitrary code on affected systems. The vulnerability arises due to misalignment in the buffer handling when invoking the gethostbyname_r and other NSS functions, particularly with crafted DNS responses. Systems using glibc versions prior to 2.22 are particularly susceptible, impacting various Linux distributions and applications relying on this library.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-security-announce/2015...
vendor-advisoryx_refsource_SUSE
https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609...
mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.