cPanel Security Team: glibc CVE-2015-7547

Discussion in 'cPanel Announcements' started by cPanelCory, Feb 17, 2016.

    cPanelCory Developer - cPanel Security Team
    Staff Member

    CVE-2015-7547 is a critical vulnerability in glibc affecting all versions greater than 2.9. The DNS client-side resolver function getaddrinfo() used in the glibc library is vulnerable to a stack-based buffer overflow attack. This can be exploited in a variety of scenarios, including man-in-the-middle attacks, maliciously crafted domain names, and malicious DNS servers.

    What does this mean for cPanel servers?

    The glibc library is provided by your operating system vendor, which is one of Red Hat, CentOS, or CloudLinux. All supported distros have published patched versions of glibc to their mirrors to address CVE-2015-7547.

    To update any affected servers, do the following:

    1. Log into your server via SSH with root privileges
    2. Run "yum clean all" to clear YUM's local caches
    3. Run "yum update" to install the patched version of glibc
    4. After glibc is updated you should reboot the system to ensure all daemons load the newer version of the library.

    You can ensure you are updated by running the command "rpm -q glibc". The package information displayed should match the version numbers provided by Red Hat in "Critical security flaw: glibc stack-based buffer overflow in getaddrinfo() (CVE-2015-7547)" on the Red Hat Customer Portal:

    Red Hat Enterprise Linux 7 - glibc-2.17-106.el7_2.4
    Red Hat Enterprise Linux 6 - glibc-2.12-1.166.el6_7.7

    Notifications about security updates for Red Hat, CentOS, and CloudLinux can be found at the following URLs:

    Red Hat: Red Hat, Inc.
    CentOS: CentOS-announce Info Page
    CloudLinux: CloudLinux - Main | New template

    What steps do I need to take as an Admin/root of our servers running cPanel & WHM?

    Once the RPM of glibc has been updated and the system rebooted, you are fully protected.

    cPanel also recommends that you configure the system to automatically update both the base operating system and the cPanel & WHM software. These settings are located in WHM's "Update Preferences" interface.

    For the PGP-Signed version of this announcement please see

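The verification step from the announcement as a script (an added example, not cPanel's or Red Hat's code): it compares the installed glibc against the two fixed Red Hat versions listed above and lists processes that still map the pre-update libc, which is why the reboot is recommended. The function names are hypothetical, the comparison is a simplified numeric field compare rather than rpm's own algorithm, and CentOS or CloudLinux release strings are assumed to follow the same elN pattern.

```shell
#!/bin/sh
# Fixed versions as listed in the announcement.
FIXED_EL7="2.17-106.el7_2.4"
FIXED_EL6="2.12-1.166.el6_7.7"

# Reduce a version-release string to its numeric fields: "2.17-106.el7_2.4" -> "2 17 106 7 2 4"
ver_fields() { printf '%s' "$1" | tr -cs '0-9' ' ' | sed 's/^ *//; s/ *$//'; }

# Succeeds when $1 >= $2, comparing numeric fields left to right (missing fields count as 0).
ver_ge() {
    a=$(ver_fields "$1"); b=$(ver_fields "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%% *}; y=${b%% *}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case $a in *" "*) a=${a#* } ;; *) a= ;; esac
        case $b in *" "*) b=${b#* } ;; *) b= ;; esac
    done
    return 0
}

# Classify one glibc package string; accepts "rpm -q glibc" output or VERSION-RELEASE.
check_glibc() {
    v=${1#glibc-}; v=${v%.x86_64}; v=${v%.i686}   # drop name prefix and arch suffix
    case $v in
        *.el7*) fixed=$FIXED_EL7 ;;
        *.el6*) fixed=$FIXED_EL6 ;;
        *) echo "UNKNOWN"; return 0 ;;            # not a release covered by the list above
    esac
    if ver_ge "$v" "$fixed"; then echo "PATCHED"; else echo "VULNERABLE"; fi
}

# PIDs whose memory map still references a replaced (deleted) libc file.
stale_libc_pids() {
    grep -l 'libc-.*(deleted)' /proc/[0-9]*/maps 2>/dev/null |
        sed 's#/proc/\([0-9]*\)/maps#\1#'
}

main() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not found"; return 0; }
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc 2>/dev/null | sort -u |
        while read -r pkg; do echo "glibc $pkg: $(check_glibc "$pkg")"; done
    for pid in $(stale_libc_pids); do echo "PID $pid still maps the old libc"; done
}

# Run as root with: sh check_glibc.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

Any PID reported after "yum update" belongs to a daemon started before the update; it keeps using the old library until it is restarted or the system is rebooted.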