CentosDebianLinuxUbuntu

Patch Linux Ghost (CVE-2015-0235)

If you run a Linux server, and you’re on top of things, you’ve heard of GHOST.. which is a heap buffer overflow vulnerability announced today. Distributions are working on a patch and some are ready now.

About GHOST Vulnerabilities

The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. CVE-2015-0235 has been assigned to this issue.
More about GHOST Vulnerabilities

How to Patch Ghost On CentOS/RHEL

There is a patch available for CentOS 5, CentOS 6, CloudLinux5 and CloudLinux 6 in the repos.. soon for Debian as well. Here is how to patch in CentOS (or other yum / rhel flavor)
First, let’s see if you’re patched already by typing:

# rpm -q --changelog glibc|grep CVE-2015-0235

If you’re patched already, you’ll see:

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183532).

Example:

GHOST-Vulnerabilities
GHOST-Vulnerabilities

IF you do not see that, check to if the update is in your repos yet:

# yum clean all && yum update glibc

If it says “No Packages marked for Update” then try again later…
If it shows you an update is available, run the update, then reboot (because there are a lot of various services that use glibc and restarting is a lot easier than finding and restarting each one).

# shutdown -r now

How to Patch Ghost On Ubuntu/Debian

For currently supported versions of Ubuntu or Debian, update all of your packages to the latest version available via apt-get dist-upgrade:

$ sudo apt-get update && sudo apt-get dist-upgrade

Then respond to the confirmation prompt with y.
When the update is complete, reboot the server with this command:

$ sudo reboot

A reboot is necessary since the GNU C Library is used by many applications that must be restarted to use the updated library.

One Comment

Leave a Reply to Ray Lance Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close