Is CVE-2015-7547 actively exploited?

CVE-2015-7547 has no public evidence of in-the-wild exploitation as of 2025-04-12.

What is the CVSS score for CVE-2015-7547?

CVE-2015-7547 has a CVSS score of 8.1 (HIGH severity). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2015-7547?

Patch guidance is available from debian security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2015-7547.

Fix CVE-2015-7547 - HIGH debian debian linux

Q: Which products are affected by CVE-2015-7547?

68 products: debian debian linux, canonical ubuntu linux, canonical ubuntu linux, canonical ubuntu linux, hp helion openstack, and 63 more.

Description

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

CVSS Metrics

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: network
Complexity: high
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-119 · Memory Buffer Errors

Metadata

Primary Vendor: DEBIAN
Published: 2/18/2016
Last Modified: 4/12/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

debian : debian_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxhp : helion_openstackhp : helion_openstackhp : helion_openstackhp : server_migration_packsophos : unified_threat_management_softwaresophos : unified_threat_management_softwaresuse : linux_enterprise_debuginfosuse : linux_enterprise_debuginfosuse : linux_enterprise_debuginfoopensuse : opensusesuse : linux_enterprise_desktopsuse : linux_enterprise_desktopsuse : linux_enterprise_desktopsuse : linux_enterprise_desktopsuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_serversuse : linux_enterprise_software_development_kitsuse : linux_enterprise_software_development_kitsuse : linux_enterprise_software_development_kitsuse : linux_enterprise_software_development_kitsuse : suse_linux_enterprise_serveroracle : exalogic_infrastructureoracle : exalogic_infrastructuref5 : big-ip_access_policy_managerf5 : big-ip_advanced_firewall_managerf5 : big-ip_analyticsf5 : big-ip_application_acceleration_managerf5 : big-ip_application_security_managerf5 : big-ip_domain_name_systemf5 : big-ip_link_controllerf5 : big-ip_local_traffic_managerf5 : big-ip_policy_enforcement_manageroracle : fujitsu_m10_firmwareredhat : enterprise_linux_desktopredhat : enterprise_linux_hpc_noderedhat : enterprise_linux_hpc_node_eusredhat : enterprise_linux_serverredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_eusredhat : enterprise_linux_workstationgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibcgnu : glibc

Remediation Guidance

Executive Summary

View on NIST NVD