What is CVE-2015-7547?
  • February 20, 2016
  • Linux

What is CVE-2015-7547?

By Andreea Volosincu

Andreea Volosincu (2) blogSome of the uncovered common vulnerabilities capture the world’s attention to the point of being attributed a nickname (e.g. heartbleed). Others are fixed and get popular just in engineering circles. CVE-2015-7547 is one for engineers to know about.

The latest reported common vulnerability has not received a nickname, but this is not to say CVE-2015-7547 isn’t important. Exploring this breach, devices running  Linux, like Wind River Linux or another Linux distribution, could be made to crash or run unauthorized programs if they receive maliciously created network traffic.

The issue had been previously reported, but it wasn’t until a Google engineer observed this odd behavior that it received higher visibility. So Google did it again, bringing awareness to an issue that seemed dormant. But most of the Linux users out there were left wondering “What will this do to my devices?

According to MITRE, multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing “dual A/AAAA DNS queries” and the libnss_dns.so.2 NSS module.

In English – the potential for all sorts of bad things.

Leave security to the experts

At this point you can either get overwhelmed by the vast potential of security threats, or you can turn to your trusted vendor. If you shift the way you think about security, you may be able to face open source’s favorite 800-pound gorilla. The Wind River Security Response team helps you stay on top of your security strategy without losing your mind. And time. And money. We have 4 rules for keeping your sanity (and money) when dealing with ongoing security:

  1. Monitoring – During the monitoring stage, the security response team will actively monitor specific security notification email lists
  2. Assessment – the Wind River Security Response Team investigates to verify applicability to versions of Wind River Linux.
  3. Notification – Notifications are sent to our customer base about new issues and upcoming fixes
  4. Remediation – Patches are created, and customers can download it from their support website.

 

Snapshot of Wind River Security Response Team – Security Vulnerabilities Evolution and Trends

cve blog

Tweet about this on TwitterShare on Google+Share on FacebookShare on LinkedInEmail this to someone