GHOST Critical alert for all Linux users!

[RealBlackStuff]

This critical vulnerability has been spotted: GHOST
See this: http://www.zdnet.com/article/critical-l ... TRE17cfd61

[Neil]

Whoa! That looks dangerous. Must have been fixed as soon as it was discovered, since I don't recall reading ab out any wide spread attacks like this hole would have made possible. Besides, it only seems to have affected older versions of most distro, as any distro with glibc newer than 2.17, wasn't vulnerable to this. But, I guess there are several people still running some LTS systems that were vulnerable.

[ajkula66]

Thanks for the heads up.

I'm not booting any of my machines that run CentOS until the patch is released...

[bit_twiddler]

A friend who works in the computer security area sent me
the following shell script which you can use on RHEL/CENTOS/SL/etc to determine
if your system is at risk:


#!/bin/bash
#Version 3

echo "Installed glibc version(s)"

rv=0
for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do
glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' )
glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }')
glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }')

echo -n "- $glibc_nvr: "
if [ "$glibc_maj" -gt 2 -o \
\( "$glibc_maj" -eq 2 -a "$glibc_min" -ge 18 \) ]; then
# fixed upstream version
echo 'not vulnerable'
else
# all RHEL updates include CVE in rpm %changelog
if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then
echo "not vulnerable"
else
echo "vulnerable"
rv=1
fi
fi
done

if [ $rv -ne 0 ]; then
cat <<EOF

This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015
-0235>
Please refer to <https://access.redhat.com/articles/1332213> for remediation steps
EOF
fi

exit $rv

[Dekks]

Latest News: While still being a significant bug the calls related to the bug have been depreciated for a few years now & certainly GHOST isn't upto the impact of heartbleed.

Secondly someone patched the bug back in 2013 but never highlighted it as a security issue so any legacy installs such as Ubuntu 12.04 LTS never got the patched versions. If your on a rolling distro with glibc >2.17 then your OK.

[rumbero]

Furthermore, most desktop users should be on the safe size since long time already, as desktop release versions are typically based on much more current glibc versions.
If there is any reason for concern, it is mainly because of server systems which are not typically running the latest Linux software but, instead, a known stable release version with already a few years age...

[Norway Pad]

Does this also affect Debian based distros, line Antix? Debian 7 is mentioned, but I wouldn't have any idea where to even look for a patch.

[bit_twiddler]

Does this also affect Debian based distros, line Antix? Debian 7 is mentioned, but I wouldn't have any idea where to even look for a patch.

What happens when you do:

sudo apt-get update
sudo apt-get upgrade