Red Hat Bugzilla – Bug 1284642
CVE-2015-7510 systemd: Stack overflow in nss-mymachines
Last modified: 2016-01-13 04:37:40 EST
A stack-based buffer overflow vulnerability was found in getpwnam()/getgrnam() functions of NSS module nss-mymachines provided by systemd.
This issue was discovered by Florian Weimer of Red Hat.
Created systemd tracking bugs for this issue:
Affects: fedora-all [bug 1284825]
The bug was introduced with the _nss_mymachines_getpwnam_r() & _nss_mymachines_getgrnam_r() functions, in v223.
RHEL7 is currently shipping older versions, and thus is not vulnerable.
This issue did not affect the versions of systemd as shipped with Red Hat Enterprise Linux 7.