Glibc: Extremely severe bug leaves number of software and devices vulnerable

Researchers have discovered a potentially catastrophic flaw in glibc,  that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks.

Just clicking on a link or connecting to a server can result in remote code execution (RCE), allowing attackers to steal data or even control your computer. 

The vulnerability was introduced in 2008 in GNU C Library, a collection of open source code that powers most distributions of Linux, including those distributed with routers and other types of hardware.

The function getaddrinfo() which performs domain-name lookups contains a buffer overflow bug that allows attackers to remotely execute malicious code. This code can be invoked when your application or device makes queries to domain names or name servers under an attackers control. This bug can also be invoked when adversaries have the ability to manipulate name server queries by man-in-the-middle attack. All versions of glibc after 2.9 are vulnerable.

Most of the distributions have given advisories on how to prevent this attack or upgrade to a newer glibc which does not have this bug. It is advised that you follow these instructions to protect your network and data.

You need to also check whether your routers, security devices are vulnerable to this bug and ways to upgrade the firmware to prevent it.

GajShield Security Times: