On January 27, 2015, the GHOST vulnerability was announced by Qualys. This vulnerability allows remote attackers to take complete control of a system by exploiting a buffer overflow bug in a glibc function GetHOST. This vulnerability should be considered serious and all affected servers should be patched immediately.
The GHOST vulnerability can be exploited on Linux systems that use versions of the GNU C Library prior to glibc-2.18. All Linux systems that use glibc from versions 2.2 to 2.17 are at risk. The following Linux distributions should be checked and patched:
• CentOS 6 & 7
• Debian 7
• Red Hat Enterprise Linux 6 & 7
• Ubuntu 10.04 & 12.04
Install Security Updates:
The easiest way to fix the GHOST vulnerability is to upgrade glibc to the latest version.
CentOS / RHEL
Update glibc to the latest version via yum:
# sudo yum update glibc
Respond to the confirmation prompt with y.
NOTE: When the update is complete, reboot the server:
# sudo reboot
Ubuntu / Debian
For Ubuntu or Debian, update all of your system packages via apt-get dist-upgrade:
# sudo apt-get update && sudo apt-get dist-upgrade
Respond to the confirmation prompt with y.
NOTE: When the update is complete, reboot the server:
# sudo reboot