Security Advisory: CVE-2015-7547 glibc getaddrinfo stack-based buffer overflow

Elizabeth -

Joyent engineers are aware of the glibc security vulnerability CVE-2015-7547, believed to be present in all versions of glibc since 2.9. The glibc client-side DNS resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

Joyent customers using glibc in their Docker containers, LX zones, or KVM instances are advised to update glibc if they are on a vulnerable version. If the vulnerability is detected, a patch for it, along with a more detailed technical explanation, is available here.
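
A first-pass check for the version range stated above, as an added example that is not Joyent's or the glibc project's code: it flags glibc 2.9 or later in a filesystem tree such as a mounted container or zone root. It assumes the library file is named libc-<version>.so (the function names and output labels are constructed for this example), and a flagged build still has to be compared against the distribution's notice, because the upstream version number does not show whether a fix has been applied.

```shell
#!/bin/sh
# Added example, not Joyent's or the glibc project's code.
# Flags glibc builds whose upstream version is 2.9 or later, the range the
# advisory names. A flagged build still has to be checked against the
# distribution's notice: the version number does not show applied fixes.

# glibc_in_advisory_range VERSION
# Accepts "2.17", "2.12.2" or "glibc 2.17" (getconf GNU_LIBC_VERSION output).
# Returns 0 if VERSION >= 2.9, 1 if older, 2 if it cannot be parsed.
glibc_in_advisory_range() {
    ver=${1#glibc }
    major=${ver%%.*}
    [ "$ver" != "$major" ] || return 2      # no "major.minor" form
    rest=${ver#*.}
    minor=${rest%%[!0-9]*}                  # "12.2" -> "12"
    case $major in ''|*[!0-9]*) return 2 ;; esac
    case $minor in '') return 2 ;; esac
    if [ "$major" -gt 2 ]; then return 0; fi
    # Compare numerically: as strings, "2.10" would sort before "2.9".
    if [ "$major" -eq 2 ] && [ "$minor" -ge 9 ]; then return 0; fi
    return 1
}

# scan_rootfs DIR
# Prints "<status> <version> <path>" for every libc-<version>.so under DIR,
# for example a mounted container, zone or VM image filesystem.
# Assumption: the library is installed under the name libc-<version>.so.
scan_rootfs() {
    find "$1" -type f -name 'libc-[0-9]*.so' 2>/dev/null |
    while IFS= read -r path; do
        file=${path##*/}
        libver=${file#libc-}
        libver=${libver%.so}
        rc=0
        glibc_in_advisory_range "$libver" || rc=$?
        case $rc in
            0) echo "CHECK $libver $path" ;;
            1) echo "older $libver $path" ;;
            *) echo "unknown $libver $path" ;;
        esac
    done
}

# Usage: sh check-glibc.sh DIR...   (constructed script name)
for root in "$@"; do
    scan_rootfs "$root"
done
```

On a running system, `glibc_in_advisory_range "$(getconf GNU_LIBC_VERSION)"` applies the same test to the loaded library.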

Please also check the notices applicable to the Linux distribution you are using for the necessary remedial actions, such as:

CentOS/Red Hat/Fedora:

If you have any further questions or concerns, please contact Joyent Support by submitting a request at the Customer Support Portal or via email to
