new vulnerability

Asked by WcMinor

Has someone seen this? https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html

An attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library.

Best,

Dario

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu glibc Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said :
#1

I suggest you report a bug. Mark it as a security issue.

Revision history for this message
Manfred Hampl (m-hampl) said :
#2

The problem seems to be known but not resolved yet
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7547.html

Can you help with this problem?

Provide an answer of your own, or ask WcMinor for more information if necessary.

To post a message you must log in.