Lucene search

K
intelIntel Security CenterINTEL:INTEL-SA-00049
HistoryMay 26, 2016 - 12:00 a.m.

Multiple Intel Software Products and Services impacted by CVE-2015-7547

2016-05-2600:00:00
Intel Security Center
www.intel.com
20

Summary:

Intel Software Products and Services that rely on glibc may be indirectly impacted by CVE-2015-7547.

Description:

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) prior to version 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo.

Intel Products and API services not included in this advisory are considered not to be impacted at this time.

Intel Products and API services listed below are potentially impacted indirectly by this issue since those perform DNS lookups and are reliant on the Operating System. End-users should contact their Operating System vendor for a relevant glibc patch to help mitigate CVE-2015-7547.

Affected products: