TPS-2016-004 2015-7547 glibc getaddrinfo stack-based buffer overflow

Joyent Engineers are aware of the glibc (CVE-2015-7547) security vulnerability believed to be found in all versions of the glibc since 2.9. The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

For any Joyent customers using glibc in their [Docker containers2], LX zones, or KVM instances, it is advised to update glibc if you are on a vulnerable version. If the vulnerability is detected, a patch for this exploit, along with a more detailed technical explanation, is available here.

Please also check the notices applicable to the Linux Distro you are using for the necessary remedial actions, such as:

If you have any further questions or concerns, please contact Joyent Support by submitting a request at the Customer Support Portal or via email to