Summary:
Intel Software Products and Services that rely on glibc may be indirectly impacted by CVE-2015-7547.
Description:
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) prior to version 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo.
Intel Products and API services not included in this advisory are considered not to be impacted at this time.
Intel Products and API services listed below are potentially impacted indirectly by this issue since those perform DNS lookups and are reliant on the Operating System. End-users should contact their Operating System vendor for a relevant glibc patch to help mitigate CVE-2015-7547.
Affected products: