Skip to Content Information Center
Lexmark X864

Lexmark X864

Lexmark Security Advisory: GHOST: Glibc Gethostbyname Buffer Overflow Vulnerability

Lexmark Security Advisory:

Revision: 1.0
Last update: 16 February 2015
Public Release Date: 19 February 2015


GHOST: glibc gethostbyname buffer overflow vulnerability

Lexmark has learned of a vulnerability in the “glibc” library that provides the potential for an attacker to execute arbitrary code on an affected system.


CVE: CVE-2015-0235


On January 27, 2015, a buffer overflow vulnerability was announced in the glibc library function __nss_hostname_digits_dots(). This vulnerability can be leveraged to execute arbitrary code. Lexmark printer products contain the vulnerability, but are not susceptible to any of the known exploit methods; therefore abusing the vulnerability on a Lexmark device is difficult.

CVSS Base Score: 7.6 (AV:L/AC:H/AU:N/C:N/I:P/A:C)
Impact Subscore: 10
Exploitability Subscore: 4.9

CVSS scores are calculated in accordance with CVSS version 2.0 (


Successful exploitation of this vulnerability can lead to the disclosure and/or modification of information and the ability to execute code on the affected system.

Affected Products

The following products are known to be affected. For specific details, see “Product Specific Information” below.

Lexmark is assessing each product and will update this advisory as more information becomes available.

  • Lexmark printer products

Product Specific Information

Lexmark is individually assessing each product and will update this advisory as more information becomes available.

Laser printer products

The following printers and MFPs are affected:

To determine a devices firmware level, select the “Reports”->”Menu Setting Page” menu item from the operator panel. If the firmware level listed under “Device Information” matches any level under “Affected Releases”, then upgrade to a “Fixed Release”.

Lexmark ModelsAffected ReleasesFixed Releases
CS31xLW41.VYL.P481 and previousLW41.VYL.P482 and later
CS41xLW41.VY2.P481 and previousLW41.VY2.P482 and later
CS51xLW41.VY4.P481 and previousLW41.VY4.P482 and later
CX310LW41.GM2.P481 and previousLW41.GM2.P482 and later
CX410LW41.GM4.P481 and previousLW41.GM4.P482 and later
CX510LW41.GM7.P481 and previousLW41.GM7.P482 and later
XC2132LW41.GM7.P481 and previousLW41.GM7.P482 and later
MS310LW41.PRL.P481 and previousLW41.PRL.P482 and later
MS312LW41.PRL.P481 and previousLW41.PRL.P482 and later
MS315LW41.TL.P481 and previousLW41.TL.P482 and later
MS410LW41.PRL.P481 and previousLW41.PRL.P482 and later
MS415LW41.TL.P481 and previousLW41.TL.P482 and later
MS51xLW41.PR2.P481 and previousLW41.PR2.P482 and later
MS610dn & MS610dtnLW41.PR2.P481 and previousLW41.PR2.P482 and later

& M3150dn

LW41.PR2.P481 and previousLW41.PR2.P482 and later
MS610de & MS610dteLW41.PR4.P481 and previousLW41.PR4.P482 and later
M3150LW41.PR4.P481 and previousLW41.PR4.P482 and later
MS71xLW41.DN2.P481 and previousLW41.DN2.P482 and later
MS810n, MS810dn & MS810dtnLW41.DN2.P481 and previousLW41.DN2.P482 and later
MS811LW41.DN2.P481 and previousLW41.DN2.P482 and later
MS812dn, MS812dtnLW41.DN2.P481 and previousLW41.DN2.P482 and later
M5163dnLW41.DN2.P481 and previousLW41.DN2.P482 and later
MS810deLW41.DN4.P481 and previousLW41.DN4.P482 and later
M5155 & M5163LW41.DN4.P481 and previousLW41.DN4.P482 and later
MS812deLW41.DN7.P481 and previousLW41.DN7.P482 and later
M5170LW41.DN7.P481 and previousLW41.DN7.P482 and later
MS91xLW41.SA.P481 and previousLW41.SA.P482 and later
MX310LW41.SB2.P481 and previousLW41.SB2.P482 and later
MX410, MX510 & MX511LW41.SB4.P481 and previousLW41.SB4.P482 and later
XM1145LW41.SB4.P481 and previousLW41.SB4.P482 and later
MX610 & MX611LW41.SB7.P481 and previousLW41.SB7.P482 and later
XM3150LW41.SB7.P481 and previousLW41.SB7.P482 and later
MX71xLW41.TU.P481 and previousLW41.TU.P482 and later
MX81xLW41.TU.P481 and previousLW41.TU.P482 and later
XM51xx & XM71xxLW41.TU.P481 and previousLW41.TU.P482 and later
MX91xLW41.MG.P481 and previousLW41.MG.482 and later
MX6500eLW41.JD.P482 and previousLW41.JD.483 and later
C746LHS41.CM2.P471 and previousLHS41.CM2.P472 and later
C748 & CS748LHS41.CM4.P471 and previousLHS41.CM4.P472 and later
C79x & CS796LHS41.HC.P471 and previousLHS41.HC.P472 and later
C925LHS41.HV.P471 and previousLHS41.HV.P472 and later
C95xLHS41.TP.P471 and previousLHS41.TP.P472 and later
X548 & XS548LHS41.VK.P471 and previousLHS41.VK.P472 and later
X74x & XS748LHS41.NY.P471 and previousLHS41.NY.P472 and later
X792 & XS79xLHS41.MR.P471 and previousLHS41.MR.P472 and later
X925 & XS925LHS41.HK.P471 and previousLHS41.HK.P472 and later
X95x & XS95xLHS41.TQ.P471 and previousLHS41.TQ.P472 and later
6500eLHS41.JR.P471 and previousLHS41.JR.P472 and later
C734LR.SK.P695 and previousLR.SK.P696 and later
C736LR.SKE.P693 and previousLR.SKE.P694 and later
E46xLR.LBH.P674 and previousLR.LBH.P675 and later
T650 & T652LR.JP.P683 and previousLR.JP.P684 and later
T654LR.JP.P683 and previousLR.JP.P684 and later
T656LSJ.SJ.P043 and previousLSJ.SJ.P044 and later
W85xLR.JB.P646 and previousLR.JB.P647 and later
X46xLR.BS.P697 and previousLR.BS.P698 and later
X65xLR.MN.P698 and previousLR.MN.P699 and later
X73xLR.FL.P697 and previousLR.FL.P698 and later
X86xLP.SP.P698 and previousLP.SP.P699 and later
C54xIn EvaluationContact Lexmark
E26xIn EvaluationContact Lexmark
E36xIn EvaluationContact Lexmark
X26xIn EvaluationContact Lexmark
X36xIn EvaluationContact Lexmark
X54xIn EvaluationContact Lexmark
C52xIn EvaluationContact Lexmark
C53xIn EvaluationContact Lexmark
C77xIn EvaluationContact Lexmark
C78xIn EvaluationContact Lexmark
C92xIn EvaluationContact Lexmark
C93xIn EvaluationContact Lexmark
E45xIn EvaluationContact Lexmark
T64xIn EvaluationContact Lexmark
W84xIn EvaluationContact Lexmark
X642In EvaluationContact Lexmark
X644/X646In EvaluationContact Lexmark
X64xefIn EvaluationContact Lexmark
X85xIn EvaluationContact Lexmark
X94xIn EvaluationContact Lexmark
N4000LC.MD.P119 and previousContact Lexmark
N4050eGO.GO.N206 and previousContact Lexmark
N7xxeLC.CO.N309 and previousContact Lexmark

Obtaining Updated Software

To obtain firmware that resolves this issue or if you have special code, please contact Lexmark’s Technical Support Center at to find your local support center.


Lexmark recommends updating firmware to address this issue.

Exploitation and Public Announcements

Lexmark is not aware of any malicious use against Lexmark products of the vulnerability described in this advisory.

Status of this Notice:

This document is provided on an "as is" basis and is provided without any express or implied guarantee or warranty whatsoever, including but not limited to the warranties of merchantability and fitness for a particular use or purpose. Lexmark reserves the right to change or update this document at any time.


This advisory is posted on Lexmark’s web site at

Future updates to this document will be posted on Lexmark’s web site at the same location.

Revision History

1.0 16 – February – 2015 Initial Public Release


Was this article helpful?