CVE-2015-7547

EPSS 93.95% · P100 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-7547

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GNU C Library 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GNU C Library（glibc，libc6）是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library 2.23之前版本存在缓冲区错误漏洞。攻击者利用该漏洞导致系统拒绝服务（崩溃）或通过特制的DNS响应触发任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-7547

#	POC Description	Source Link	Shenlong Link
1	Proof of concept for CVE-2015-7547	https://github.com/fjserna/CVE-2015-7547	POC Details
2	test script for CVE-2015-7547	https://github.com/cakuzo/CVE-2015-7547	POC Details
3	None	https://github.com/t0r0t0r0/CVE-2015-7547	POC Details
4	glibc check and update in light of CVE-2015-7547	https://github.com/rexifiles/rex-sec-glibc	POC Details
5	glibc getaddrinfo stack-based buffer overflow	https://github.com/babykillerblack/CVE-2015-7547	POC Details
6	PoC exploit server for CVE-2015-7547	https://github.com/jgajek/cve-2015-7547	POC Details
7	PoC attack server for CVE-2015-7547 buffer overflow vulnerability in glibc DNS stub resolver (public version)	https://github.com/eSentire/cve-2015-7547-public	POC Details
8	None	https://github.com/bluebluelan/CVE-2015-7547-proj-master	POC Details
9	loudong	https://github.com/miracle03/CVE-2015-7547-master	POC Details
10	CVE-2015-7547 initial research.	https://github.com/Stick-U235/CVE-2015-7547-Research	POC Details
11	Glibc-Vulnerability-Exploit-CVE-2015-7547	https://github.com/Amilaperera12/Glibc-Vulnerability-Exploit-CVE-2015-7547	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-7547

请登录查看更多情报信息。

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266x_refsource_CONFIRM
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10150x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367x_refsource_CONFIRM
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161x_refsource_CONFIRM
https://sourceware.org/bugzilla/show_bug.cgi?id=18665x_refsource_CONFIRM
HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilitiesx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937x_refsource_CONFIRM
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.htmlx_refsource_MISC
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17x_refsource_MISC
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380x_refsource_CONFIRM
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflowx_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01x_refsource_MISC
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/x_refsource_CONFIRM
https://support.lenovo.com/us/en/product_security/len_5450x_refsource_CONFIRM
HPSBGN03442 rev.2 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Executionx_refsource_CONFIRM
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.htmlx_refsource_MISC
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.htmlx_refsource_MISC
http://www.vmware.com/security/advisories/VMSA-2016-0002.htmlx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1293532x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflowx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722x_refsource_CONFIRM
http://support.citrix.com/article/CTX206991x_refsource_CONFIRM
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.htmlx_refsource_MISC
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917x_refsource_CONFIRM
HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS)x_refsource_CONFIRM
https://access.redhat.com/articles/2161461x_refsource_CONFIRM
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.htmlx_refsource_MISC
https://bto.bluecoat.com/security-advisory/sa114x_refsource_CONFIRM
https://www.tenable.com/security/research/tra-2017-08x_refsource_MISC
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-enx_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlx_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/83265vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/39454/exploitx_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/40339/exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1035020vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2016/dsa-3481vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2016/dsa-3480vendor-advisoryx_refsource_DEBIAN
https://www.kb.cert.org/vuls/id/457759third-party-advisoryx_refsource_CERT-VN
http://ubuntu.com/usn/usn-2900-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=145690841819314&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=146161017210491&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145672440608228&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145596041017029&w=2vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=145857691004892&w=2vendor-advisoryx_refsource_HP
https://security.gentoo.org/glsa/201602-02vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2016-0175.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0176.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0225.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0277.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.htmlvendor-advisoryx_refsource_SUSE
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.htmlvendor-advisoryx_refsource_FEDORA
http://seclists.org/fulldisclosure/2021/Sep/0mailing-listx_refsource_FULLDISC
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.htmlmailing-listx_refsource_MLIST
http://seclists.org/fulldisclosure/2019/Sep/7mailing-listx_refsource_FULLDISC
https://seclists.org/bugtraq/2019/Sep/7mailing-listx_refsource_BUGTRAQ
http://seclists.org/fulldisclosure/2022/Jun/36mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2015-7547

Same Patch Batch · n/a · 2016-02-18 · 14 CVEs total

CVE-2015-8286		Zhuhai RaySharp固件安全漏洞
CVE-2015-8287		Swann SRNVW-470LCD和SWNVW-470CAM 安全漏洞
CVE-2016-0794		LibreOffice 缓冲区错误漏洞
CVE-2016-0795		LibreOffice 缓冲区错误漏洞
CVE-2015-5970		Novell ZENworks Configuration Management 安全漏洞
CVE-2015-8148		Symantec Encryption Management Server LDAP服务安全漏洞
CVE-2015-8149		Symantec Encryption Management Server LDAP服务拒绝服务
CVE-2015-8150		Symantec Encryption Management Server 安全漏洞
CVE-2015-8151		Symantec Encryption Management Server 安全漏洞
CVE-2016-0068		Microsoft Internet Explorer 特权提升漏洞
CVE-2016-0069		Microsoft Internet Explorer 特权提升漏洞
CVE-2016-1987		HPE IPFilter 拒绝服务漏洞
CVE-2016-2509		Belden Hirschmann Classic Platform 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-7547

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-7547

I. Basic Information for CVE-2015-7547

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2015-7547

III. Intelligence Information for CVE-2015-7547

Same Patch Batch · n/a · 2016-02-18 · 14 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-7547

Leave a comment