it.ucsf.edu

Security Update:A Critical Linux Security Hole, GHOST, is Revealed

Status Type

Security Update

Date and Time

Tuesday, January 27, 2015 - 14:32

Reason

Security Update

Impact

All Linux Users

WHAT HAPPENED?

Qualys Security Advisory reports a critical vulnerability in glibc, the GNU C library that affects all Linux systems dating back to 2000. The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the GetHOST functions.

Advanced Users: For a complete description of the vulnerability refer to Qualys Security Advisory CVE-2015-0235 at https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt.
 

AFFECTED SYSTEMS:

  • All Linux Systems


WHAT'S THE PROBLEM?

Attackers can use this flaw to execute code and remotely gain control of Linux machines.


HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer, contact your respective Linux distributor for an update if not listed below:

 

RELATED LINKS