Security Advisory – CVE-2015-5229

Security Advisory – CVE-2015-5229  – URGENT ACTION REQUIRED – VPS & Dedicated Servers

On Tuesday Google’s online security team publicly disclosed a severe vulnerability in the Gnu C Library’s DNS client. Due to the ubiquity of Glibc, this affects an astounding number of machines and software running on the internet, as one example of the range of software affected, nearly every Bitcoin implementation is affected.

The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

In the course of Google’s investigation, engineers discovered that glibc maintainers knew about the bug and potential exploit since July 2015. It wasn’t clear if the bug had been fixed. While seeking a solution, the company learned that two Red Hat developers were also working independently on a solution to the glibc bug. Google and Red Hat collaborated to create and test a patch that is available now which suggests the issue was not fixed by glibc.

The issue affects all glibc libraries after the 2.9 release. Once we learned of this issue and confirmed the patch created does resolve the issue we started patching our servers right away. Currently , e have detected the flaw in the following OS versions.

A list of affected Linux distributions

1. Red Hat Enterprise Linux Server 7
2. Red Hat Enterprise Linux Server 6
3. CentOS Linux 7
4. CentOS Linux 6
5. Debian Linux 6 squeeze
6. Debian Linux 7 wheezy
7. Debian Linux 8 jessie
8. Ubuntu Linux 15.10
9. Ubuntu Linux 14.04 LTS
10. Ubuntu Linux 12.04 LTS
11. SUSE Linux Enterprise Linux 11
12. SUSE Linux Enterprise Linux 12
13. openSUSE Leap 42.1

Customers running virtual servers or dedicated servers who do not have an Enhanced Support Policy need to patch the OS on your machine as a matter of extreme urgency. Now this bug is known to the world it’s only a matter of time before people start trying to exploit servers.

Patching Instructions

For all users it is required that you login using the root account using ssh. Choose your correct OS type from below and issue the given commands to patch your machines.

RHEL/CentOS Linux

sudo yum clean all
 sudo yum update -y
 sudo systemctl daemon-reexec

Debian or Ubuntu Linux

sudo apt-get update
 sudo apt-get upgrade -y
 sudo reboot

SUSE Linux Enterprise (and opensuse)

zypper up

From the console when running these commands you should see a list of packages to be updated. In the list there should be six packages all starting libbc-

For any questions relating to this you can always open a support ticket from your client account located at https://first2host.uk users who have an ESP (formally LTSP) have done or will have this work completed by the close of play today. There is no need to contact us.

How was this article?

More from All About Linux

Install Ioncube Loaders In Ubuntu, Debian, CentOS and AlmaLinux

Posted On June 25, 2022 F2H.Cloud 0

Ioncube Loaders are a piece of software that is used to protect the underlying code in PHP applications. Its aim …

How to install FTP and configure FTP on an Ubuntu 22 LTS instance

Posted On June 13, 2022 F2H.Cloud 0

If you need to upload files to your NVMe VPS you have a couple of options. You can use a …

How to install a Cloudflare Origin SSL Certificate – NGINX

Posted On June 4, 2022 F2H.Cloud 0

An SSL Certificate is vital to encrypt data between you and your clients. SSLs can be complicated things. If they …

Editor Picks

Compatible OS Versions – Linux KVM NVMe VPS

August 6, 2020 0

How To WordPress Prevent Website Hacks

January 8, 2020 0

Set up a website on an Ubuntu using Apache Virtual Hosts

January 30, 2019 0

Create Docker Container And The Basic Docker Commands

September 14, 2018 1