Linux “Ghost” Remote Code Execution Vulnerability

A vulnerability has been discovered in the GNU C Library (glibc) on Linux that allows remote code execution through the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

CVE Number

CVE-2015-0235

Risk

High

Impacted Systems

Linux and UNIX based systems

Recommendation

System owners are advised to apply the latest version of glibc from their respective Linux and UNIX OS vendors immediately, and to reboot their systems to complete the installation.

The UBC IT Satellite server is up-to-date with the current glibc patches for Red Hat 5, 6 & 7; system owners should immediately download the latest patches.

Debian and Ubuntu system owners can receive the latest patches by pointing their servers to mirror.it.ubc.ca
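
Added example (not part of the original advisory or any vendor tooling): installing the patched package replaces the glibc file on disk, but processes started earlier keep the old copy mapped until they restart, which is what the reboot takes care of. This Python check lists such processes by looking for a libc mapping marked "(deleted)" in /proc/<pid>/maps; the function names and the sample lines are constructed for illustration.

```python
"""List processes that still map a glibc file replaced by a package update."""
import os
import re
import sys

# The kernel appends " (deleted)" to a mapping's path once the backing file
# has been unlinked or replaced. Matches libc-2.12.so and libc.so.6 style
# names, but not libcrypto or libcap.
STALE_LIBC = re.compile(r"(\S*/libc(?:-[\d.]+)?\.so(?:\.\d+)*) \(deleted\)$")


def stale_libc_path(maps_text):
    """Return the replaced libc path found in this maps text, or None."""
    for line in maps_text.splitlines():
        match = STALE_LIBC.search(line)
        if match:
            return match.group(1)
    return None


def scan_proc(proc_root="/proc"):
    """Return {pid: path} for every readable process with a stale libc."""
    stale = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as handle:
                path = stale_libc_path(handle.read())
        except OSError:
            continue  # process exited, or we may not read its maps
        if path:
            stale[int(entry)] = path
    return stale


# Constructed sample lines in /proc/<pid>/maps format (not from a real host).
SAMPLE_STALE = (
    "00400000-0040b000 r-xp 00000000 fd:00 1311 /usr/sbin/exampled\n"
    "7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 2231 /lib64/libc-2.12.so (deleted)\n"
)
SAMPLE_FRESH = "7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 4410 /lib64/libc-2.12.so\n"

if __name__ == "__main__":
    found = scan_proc()
    for pid, path in sorted(found.items()):
        print(f"pid {pid} still maps replaced {path}")
    sys.exit(1 if found else 0)
```

Run it as root so that every process's maps file is readable; an exit status of 1 means at least one process still needs a restart or the host needs the reboot.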

Vendor-Specific Links

Red Hat

Red Hat glibc latest versions:
Red Hat 5: glibc-2.5-123.el5_11.1
Red Hat 6: glibc-2.12-1.149.el6_6.5
Red Hat 7: glibc-2.17-55.el7_0.5

Red Hat CVE-2015-0235 link:
https://access.redhat.com/security/cve/CVE-2015-0235

Red Hat 5 patch versions link:
https://rhn.redhat.com/errata/RHSA-2015-0090.html

Red Hat 6 & 7 patch versions link:
https://rhn.redhat.com/errata/RHSA-2015-0092.html

CentOS

CentOS glibc latest versions:
CentOS 5: glibc-2.5-123.el5_11
CentOS 6: glibc-2.12-1.149.el6_6.5
CentOS 7: glibc-2.17-55.el7_0.5

Ubuntu

Ubuntu glibc latest versions:
Ubuntu 12.04 LTS: libc6 2.11.1-0ubuntu7.20
Ubuntu 10.04 LTS: libc6 2.15-0ubuntu10.10

Ubuntu CVE-2015-0235 link:
http://www.ubuntu.com/usn/usn-2485-1/

SUSE

SUSE CVE-2015-0235 link:
http://support.novell.com/security/cve/CVE-2015-0235.html

Debian

Debian glibc latest versions:
https://security-tracker.debian.org/tracker/CVE-2015-0235

Debian CVE-2015-0235 link:
https://www.debian.org/security/2015/dsa-3142

Other Links

Qualys
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

US-CERT
https://www.us-cert.gov/ncas/current-activity/2015/01/27/Linux-Ghost-Remote-Code-Execution-Vulnerability

NIST
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235

GNU C Library
http://www.gnu.org/software/libc/