Security Update:CRITICAL GNU glibc Vulnerability
Date and Time
glibc 2.9 and earlier
A popular open-source C library (GNU glibc) used by thousands of Unix-like machines and software contains a CRITICAL vulnerability.
Advanced Users: For a complete description of the vulnerability, affected software, and solutions refer to CVE-2015-7547 --- Glibc Getaddrinfo() Stack-based Buffer Overflow: https://www.sourceware.org/ml/libc-alpha/2016-02/msg00416.html.
Applications, distributions and devices running glibc 2.9 and earlier
WHAT'S THE PROBLEM?
Glibc, or GNU C Library, is a version of the main C-Library (libc) that Unix systems rely on to run. It contains a set of all the standard features and functions required by Unix systems.
Exploitation of the vulnerability may allow an attacker to take control of your computer or result in a denial of service (DoS) condition.
HOW DO I PROTECT MY COMPUTER?
Apply system updates to affected systems as soon as patches become available and as soon as operationally feasible.
- Refer to CVE-2015-7547 --- Glibc Getaddrinfo() Stack-based Buffer Overflow: https://www.sourceware.org/ml/libc-alpha/2016-02/msg00416.html
- IT Security - http://it.ucsf.edu/security