Severe Glibc Flaw Puts Every Linux Machine in Danger

Glibc, also known as the GNU C Library, is carrying a critical vulnerability. Glibc is used as the C library in the GNU system and in GNU/Linux systems, as well as many other systems that tap Linux as the kernel.

The widespread use of glibc puts every Linux machine at risk of a remote code execution, which means a hacker can plant and run code on a machine from a remote computer. The bug has been patched.

During a debugging project, a Google engineer randomly discovered a segmentation fault every time he tried to connect to a specific host. When a program is trying to read or write an illegal memory location, a segmentation fault causes programs to crash, according to Indiana University.

?EU?Our initial investigations showed that the issue affected all the versions of glibc since 2.9. You should definitely update if you are on an older version though,?EU? Fermin Serna, staff security engineer and Kevin Stadmeyer, technical program manager at Google, wrote in a blog post. ?EU?If the vulnerability is detected, machine owners may wish to take steps to mitigate the risk of an attack.?EU?

What Happened?

According to Google researchers, the glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the ?EU?getaddrinfo()?EU? library function is used. Attackers can use domain names and DNS servers to exploit the hack, or launch man-in-the-middle attacks. A man-in the-middle attack is when an attacker secretly relays and sometimes alters communications between two people or parties who believe they are genuinely talking directly to one another.

However, although remote code execution is possible, it?EU?s not especially easy. An attacker would have to find out a way to get around security mitigations the system contains, like ASLR. ASLR stands for address space layout randomization, which security firm Symantec defines as a prophylactic security...

Comments are closed.