Glibc getaddrinfo() stack-overflow

Summary

Since glibc 2.9, the glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used.

Affected Products

The following products are confirmed to be not affected:
  • FortiOS
  • FortiSwitch
  • FortiAnalyzer
  • FortiManager
  • FortiMail
  • Fortibridge
  • FortiAuthenticator
  • Meru
  • FortiMom
  • FortiDirector
  • FortiPrivateCloud
  • FortiCache
  • FortiClient
  • FortiRecorder
  • FortiCore
Other products are in the course of being investigated.

Solutions

N/A