CVE-2015-7547— GNU C Library 缓冲区错误漏洞

EPSS 93.95% · P100 更新日 2026-02-21

新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2015-7547の基本情報

脆弱性情報

脆弱性についてご質問がありますか？Shenlongの分析が参考になるかご確認ください！

Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル

N/A

ソース: NVD (National Vulnerability Database)

脆弱性説明

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

ソース: NVD (National Vulnerability Database)

CVSS情報

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイプ

N/A

ソース: NVD (National Vulnerability Database)

脆弱性タイトル

GNU C Library 缓冲区错误漏洞

ソース: CNNVD (China National Vulnerability Database)

脆弱性説明

GNU C Library（glibc，libc6）是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library 2.23之前版本存在缓冲区错误漏洞。攻击者利用该漏洞导致系统拒绝服务（崩溃）或通过特制的DNS响应触发任意代码。

ソース: CNNVD (China National Vulnerability Database)

CVSS情報

N/A

ソース: CNNVD (China National Vulnerability Database)

脆弱性タイプ

N/A

ソース: CNNVD (China National Vulnerability Database)

Shenlong 10 Questions — AI 深度分析

十问解析：根本原因、利用方式、修复建议、紧迫性。摘要免费，完整版需登录。

查看摘要完整分析（登录）

影響を受ける製品

ベンダー	プロダクト	影響を受けるバージョン	CPE	購読
-	n/a	n/a	-

II. CVE-2015-7547の公開POC

#	POC説明	ソースリンク	Shenlongリンク
1	Proof of concept for CVE-2015-7547	https://github.com/fjserna/CVE-2015-7547	POC詳細
2	test script for CVE-2015-7547	https://github.com/cakuzo/CVE-2015-7547	POC詳細
3	None	https://github.com/t0r0t0r0/CVE-2015-7547	POC詳細
4	glibc check and update in light of CVE-2015-7547	https://github.com/rexifiles/rex-sec-glibc	POC詳細
5	glibc getaddrinfo stack-based buffer overflow	https://github.com/babykillerblack/CVE-2015-7547	POC詳細
6	PoC exploit server for CVE-2015-7547	https://github.com/jgajek/cve-2015-7547	POC詳細
7	PoC attack server for CVE-2015-7547 buffer overflow vulnerability in glibc DNS stub resolver (public version)	https://github.com/eSentire/cve-2015-7547-public	POC詳細
8	None	https://github.com/bluebluelan/CVE-2015-7547-proj-master	POC詳細
9	loudong	https://github.com/miracle03/CVE-2015-7547-master	POC詳細
10	CVE-2015-7547 initial research.	https://github.com/Stick-U235/CVE-2015-7547-Research	POC詳細
11	Glibc-Vulnerability-Exploit-CVE-2015-7547	https://github.com/Amilaperera12/Glibc-Vulnerability-Exploit-CVE-2015-7547	POC詳細

AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2015-7547のインテリジェンス情報

お願いしますログインより多くのインテリジェンス情報を見る

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266x_refsource_CONFIRM
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10150x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367x_refsource_CONFIRM
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161x_refsource_CONFIRM
https://sourceware.org/bugzilla/show_bug.cgi?id=18665x_refsource_CONFIRM
HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilitiesx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937x_refsource_CONFIRM
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.htmlx_refsource_MISC
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17x_refsource_MISC
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380x_refsource_CONFIRM
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflowx_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01x_refsource_MISC
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/x_refsource_CONFIRM
https://support.lenovo.com/us/en/product_security/len_5450x_refsource_CONFIRM
HPSBGN03442 rev.2 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Executionx_refsource_CONFIRM
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.htmlx_refsource_MISC
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.htmlx_refsource_MISC
http://www.vmware.com/security/advisories/VMSA-2016-0002.htmlx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1293532x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflowx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722x_refsource_CONFIRM
http://support.citrix.com/article/CTX206991x_refsource_CONFIRM
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.htmlx_refsource_MISC
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917x_refsource_CONFIRM
HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS)x_refsource_CONFIRM
https://access.redhat.com/articles/2161461x_refsource_CONFIRM
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.htmlx_refsource_MISC
https://bto.bluecoat.com/security-advisory/sa114x_refsource_CONFIRM
https://www.tenable.com/security/research/tra-2017-08x_refsource_MISC
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-enx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/83265vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/39454/exploitx_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/40339/exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1035020vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2016/dsa-3481vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2016/dsa-3480vendor-advisoryx_refsource_DEBIAN
https://www.kb.cert.org/vuls/id/457759third-party-advisoryx_refsource_CERT-VN
http://ubuntu.com/usn/usn-2900-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=145690841819314&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=146161017210491&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145672440608228&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145596041017029&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145857691004892&w=2vendor-advisoryx_refsource_HP
https://security.gentoo.org/glsa/201602-02vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2016-0175.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0176.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0225.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0277.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.htmlvendor-advisoryx_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.htmlvendor-advisoryx_refsource_FEDORA
http://seclists.org/fulldisclosure/2021/Sep/0mailing-listx_refsource_FULLDISC
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.htmlmailing-listx_refsource_MLIST
http://seclists.org/fulldisclosure/2019/Sep/7mailing-listx_refsource_FULLDISC
https://seclists.org/bugtraq/2019/Sep/7mailing-listx_refsource_BUGTRAQ
http://seclists.org/fulldisclosure/2022/Jun/36mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2015-7547

Same Patch Batch · n/a · 2016-02-18 · 14 CVEs total

CVE-2015-8286		Zhuhai RaySharp固件安全漏洞
CVE-2015-8287		Swann SRNVW-470LCD和SWNVW-470CAM 安全漏洞
CVE-2016-0794		LibreOffice 缓冲区错误漏洞
CVE-2016-0795		LibreOffice 缓冲区错误漏洞
CVE-2015-5970		Novell ZENworks Configuration Management 安全漏洞
CVE-2015-8148		Symantec Encryption Management Server LDAP服务安全漏洞
CVE-2015-8149		Symantec Encryption Management Server LDAP服务拒绝服务
CVE-2015-8150		Symantec Encryption Management Server 安全漏洞
CVE-2015-8151		Symantec Encryption Management Server 安全漏洞
CVE-2016-0068		Microsoft Internet Explorer 特权提升漏洞
CVE-2016-0069		Microsoft Internet Explorer 特权提升漏洞
CVE-2016-1987		HPE IPFilter 拒绝服务漏洞
CVE-2016-2509		Belden Hirschmann Classic Platform 安全漏洞

IV. 関連脆弱性

同じ製品: n/a

同じベンダー: n/a

V. CVE-2015-7547へのコメント

まだコメントはありません

目標達成すべての支援者に感謝 — 100%達成しました！

CVE-2015-7547— GNU C Library 缓冲区错误漏洞

I. CVE-2015-7547の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

Shenlong 10 Questions — AI 深度分析

影響を受ける製品

II. CVE-2015-7547の公開POC

III. CVE-2015-7547のインテリジェンス情報

Same Patch Batch · n/a · 2016-02-18 · 14 CVEs total

IV. 関連脆弱性

V. CVE-2015-7547へのコメント

コメントを残す

目標達成 すべての支援者に感謝 — 100%達成しました！

CVE-2015-7547— GNU C Library 缓冲区错误漏洞

I. CVE-2015-7547の基本情報

脆弱性情報

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

脆弱性タイトル

脆弱性説明

CVSS情報

脆弱性タイプ

Shenlong 10 Questions — AI 深度分析

影響を受ける製品

II. CVE-2015-7547の公開POC

III. CVE-2015-7547のインテリジェンス情報

Same Patch Batch · n/a · 2016-02-18 · 14 CVEs total

IV. 関連脆弱性

V. CVE-2015-7547へのコメント

コメントを残す

目標達成すべての支援者に感謝 — 100%達成しました！