Announcement Announcement Module
Collapse
No announcement yet.
glibc vulnerability Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • glibc vulnerability

    A highly critical vulnerability has noticed in glibc ( GNU C Library ) . For CentOS/RedHat, only version 6 and 7 are affected. CentOS 5 (RedHat 5) and older versions are not affected by this. Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing hackers to steal credentials, spy on users, seize control of computers, and many more. To understand more about the vulnerability please read the article https://access.redhat.com/security/cve/CVE-2015-7547

    Versions affected: All glibc from 2.9 to 2.22 are affected by this vulnerability.


    How to check the vulnerability
    ----------------------------------------------
    For an example here I am using my CentOS 6 machine.

    # rpm -qa | grep -i glibc
    glibc-2.12-1.149.el6_6.5.x86_64
    glibc-headers-2.12-1.149.el6_6.5.x86_64
    glibc-common-2.12-1.149.el6_6.5.x86_64
    glibc-devel-2.12-1.149.el6_6.5.x86_64

    From the above result its clear that the installed glibc is vulnerable

    This vulnerability has been there since glibc 2.9 which was originally released on Nov 2008. Now that this has become uncovered, you should patch your system immediately.

    Patch for glibc vulnerability
    -----------------------------------------
    To fix the problem just update the installed glibc library

    # yum -y update glibc
    ..
    Updated: glibc.x86_64 0:2.12-1.166.el6_7.7

    Dependency Updated:
    glibc-common.x86_64 0:2.12-1.166.el6_7.7
    glibc-devel.x86_64 0:2.12-1.166.el6_7.7
    glibc-headers.x86_64 0:2.12-1.166.el6_7.7
    Last edited by Rinshad.r; 23rd February 2016, 01:58 PM. Reason: hack linux vulnearability
Tag Cloud Tag Cloud Module
Collapse
Working...
X