Security Advisory – CVE-2015-5229 – URGENT ACTION REQUIRED – VPS & Dedicated Servers
On Tuesday Google’s online security team publicly disclosed a severe vulnerability in the Gnu C Library’s DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, as one example of the range of software affected, nearly every Bitcoin implementation is affected.
The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.
In the course of Google’s investigation, engineers discovered that glibc maintainers knew about the bug and potential exploit since July 2015. It wasn’t clear if the bug had been fixed. While seeking a solution, the company learned that two Red Hat developers were also working independently on a solution to the glibc bug. Google and Red Hat collaborated to create and test a patch that is available now which suggests the issue was not fixed by glibc.
The issue affects all glibc libraries after the 2.9 release. Once we learned of this issue and confirmed the patch created does resolve the issue we started patching our servers right away. Currently , e have detected the flaw in the following OS versions.
A list of affected Linux distributions
- Red Hat Enterprise Linux Server 7
- Red Hat Enterprise Linux Server 6
- CentOS Linux 7
- CentOS Linux 6
- Debian Linux 6 squeeze
- Debian Linux 7 wheezy
- Debian Linux 8 jessie
- Ubuntu Linux 15.10
- Ubuntu Linux 14.04 LTS
- Ubuntu Linux 12.04 LTS
- SUSE Linux Enterprise Linux 11
- SUSE Linux Enterprise Linux 12
- openSUSE Leap 42.1
Customers running virtual servers or dedicated servers who do not have an Enhanced Support Policy need to patch the OS on your machine as a matter of extreme urgency. Now this bug is known to the world it’s only a matter of time before people start trying to exploit servers.
For all users it is required that you login using the root account using ssh. Choose your correct OS type from below and issue the given commands to patch your machines.
sudo yum clean all sudo yum update -y sudo systemctl daemon-reexec
Debian or Ubuntu Linux
sudo apt-get update sudo apt-get upgrade -y sudo reboot
SUSE Linux Enterprise (and opensuse)
From the console when running these commands you should see a list of packages to be updated. In the list there should be six packages all starting libbc-
For any questions relating to this you can always open a support ticket from your client account located at https://first2host.uk users who have an ESP (formally LTSP) have done or will have this work completed by the close of play today. There is no need to contact us.
How was this article?
More from All About Linux
Ioncube Loaders are a piece of software that is used to protect the underlying code in PHP applications. Its aim …