A critical vulnerability has been found in glibc, the GNU C library, that affects almost all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines.
The Red Hat Product Security has been made aware of a critical vulnerability in the glibc library, which has been assigned CVE-2015-0235 and is commonly referred to as GHOST. All versions of glibc shipped with all variants of Red Hat Enterprise Linux are affected.
GHOST is a “buffer overflow” bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.
glibc before version 2.18 (released August ) is vulnerable. You can quickly check your glibc version by using “ldd –version” (but not all Unix systems that use glibc have ldd installed, and some software is statically compiled with glibc.
During a code audit performed internally at Qualys, we discovered a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions, so we decided to analyze it — and its impact — thoroughly, and named this vulnerability “GHOST”.
This vulnerability was discovered by Qualys Labs. You can find the source of the quote and more details here.
Am I affected? How to fix the problem?
This vulnerability was recently discovered in glibc that affects systems that use glibc-2.2 to glibc-2.17. The vulnerability is known as GHOST, CVE-2015-0235
Due to the seriousness of this vulnerability, it is highly recommended that you update glibc as soon as possible and reboot your system.
Here are the steps you have to take:
Debian/Ubuntu users: – for currently supported versions run the following command: sudo apt-get update && sudo apt-get upgrade
Ubuntu 14.04 is not vulnerable.
For End Of Life releases backup your important data and run the following command: do-release-upgrade
For Debian 6 users additional steps must be taken before the update. You can find them here: https://wiki.debian.org/LTS/Using
CentOS/Red Hat/Fedora users: – run the following command: yum update.