CVE-2015-1781
Description
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Buffer overflow in glibc's gethostbyname_r and NSS functions before 2.22 allows arbitrary code execution via a crafted DNS response.
Vulnerability
A buffer overflow exists in the gethostbyname_r and other unspecified NSS (Name Service Switch) functions in the GNU C Library (glibc) prior to version 2.22 [2]. The flaw occurs when these functions compute the size of a buffer after being passed a misaligned buffer as input. A crafted DNS response can trigger this condition, leading to a buffer overflow [1][4]. The issue affects all applications that use these functions with a misaligned buffer, which can be induced by a malicious DNS server response.
Exploitation
An attacker must be able to cause an application to call any of the affected NSS functions with a misaligned buffer. This can be achieved by sending a specially crafted DNS response to a vulnerable application that performs hostname resolution. No authentication is required if the application is reachable over the network. The attacker does not need local access; the attack is context-dependent and can be triggered remotely via DNS queries [1].
Impact
Successful exploitation can result in a denial of service (application crash) or arbitrary code execution with the privileges of the user running the vulnerable application [1][4]. The impact is limited to the application's user context, but could lead to full system compromise if the application runs with elevated privileges.
Mitigation
The vulnerability is fixed in glibc version 2.22 [2]. Red Hat Enterprise Linux 6 users should apply the update provided in RHSA-2015-0863 [1]. Ubuntu users should apply the update from USN-2985-1 [4]. No workaround is available; updating to the fixed version is the only mitigation. The vulnerability is rated Moderate severity by Red Hat [1].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
28cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
- osv-coords15 versionspkg:rpm/opensuse/glibc&distro=openSUSE%20Tumbleweedpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 2.24-2.3+ 14 more
- (no CPE)range: < 2.24-2.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.19-22.7.1
- (no CPE)range: < 2.11.3-17.45.66.1
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.19-22.7.1
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.19-22.7.1
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.11.3-17.87.3
- (no CPE)range: < 2.19-22.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2016/dsa-3480nvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/74255nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032178nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2985-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2985-2nvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-0863.htmlnvdThird Party Advisory
- security.gentoo.org/glsa/201602-02nvdThird Party Advisory
- sourceware.org/bugzilla/show_bug.cginvdIssue TrackingThird Party Advisory
- sourceware.org/git/nvd
News mentions
0No linked articles in our index yet.