/
[SoftNAS KB]: Installing Hotfix for CVE-2015-7547

[SoftNAS KB]: Installing Hotfix for CVE-2015-7547

Symptoms

On February 16th, a serious defect was found in the getaddrinfo() library call in glibc. This issue, labelled CVE-2015-7547, allows an attacker to cause buffer overflow to occur, creating the possibility of remote code execution in some circumstances. In order to ensure that SoftNAS instances are not vulnerable to this potentially serious security issue, a hotfix has been created in order to eliminate this risk.

Purpose

This KB article provides the steps required to apply the hotfix in order to eliminate the CVE-2015-7547 defect.

Resolution

Log in to your SoftNAS instance using your current credentials.

In the Storage Administration pane, expand Settings, and select General System Settings.

General System Settings


This will bring you to the Webmin Panel. In the Webmin Panel, expand Others, and click Command Shell.

Webmin Panel and Command Shell

Paste the  following command into the Command Shell Applet. 

curl https://www.softnas.com/software/hotfixes/hotfix-cve-2015-7547.sh.gz | gunzip | sh

The hotfix will begin installation. To monitor the update, note the location of the install log. 

Command in progress



Additional Information

Related content

Buurst® SoftNAS 5 Release Notes
Buurst® SoftNAS 5 Release Notes
More like this
SoftNAS 5 Release Notes
SoftNAS 5 Release Notes
More like this
CVE-2024-37891 (urllib3 Python Library) & CVE-2024-39689 (certifi Python Library)
CVE-2024-37891 (urllib3 Python Library) & CVE-2024-39689 (certifi Python Library)
More like this
Responding to the results of a security scan
Responding to the results of a security scan
More like this
[SoftNAS KB]: Installing HA Hotfix
[SoftNAS KB]: Installing HA Hotfix
More like this
[SoftNAS KB] Installation of 3rd party tools may void support
[SoftNAS KB] Installation of 3rd party tools may void support
More like this