Linux vulnerability CVE-2015-7547

You might have seen widely reported Linux vulnerability in the media named CVE-2015-7547 reported by Google and RedHat.

https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

The SME Appliance is not affected by this vulnerability. The SME Appliance currently uses CentOS 5.x as the base operating system and it is not affected. 

Linux

Steps we have taken to test the Vulnerability 

We have checked SME is not vulnerable by executing the Proof of Concept exploit and confirmed the appliance is not vulnerable.

https://github.com/fjserna/CVE-2015-7547

RedHat has also confirmed that CentOS/RedHat 5.x are not affected by this vulnerability.

“This issue does not affect the versions of glibc as shipped with Red Hat Enterprise Linux 4 and 5.” See  https://access.redhat.com/security/cve/cve-2015-7547

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather
The following two tabs change content below.

Leave a Reply

Your email address will not be published. Required fields are marked *