How to protect a Linux server from Ghost critical vulnerability. Update OS!

    A critical vulnerability has been identified in the Glibc system library ( CVE-2015-0235 ), which can be used to organize the execution of code in the system. The problem manifests itself when processing specially formatted data in the gethostbyname () and gethostbyname2 () functions, which are used in many programs to convert the host name to IP address. In terms of severity, the vulnerability that received the code name GHOST is comparable to the vulnerabilities in Bash and OpenSSL . Working exploit prototypes exist. Windows is not affected by this vulnerability.

    Container servers using OS-level virtualization in the cloud and VPSWe updated independently for all users. Actions are required only for users of virtual machines (created with the “enable OS kernel control” checkbox selected).

    What OS are vulnerable?

    Vulnerabilities are affected by long-running industrial distributions that require immediate updates. In particular, the problem manifests itself in Debian 7 , CentOS 6 and 7, Ubuntu 12.04 .

    How to protect yourself?

    Corrections have already been released for Ubuntu 12.04 , Debian 7 , CentOS 6 and 7 . It is recommended that you upgrade all Linux systems, regardless of whether the OS is on the list of vulnerable ones. All Infobox and InfoboxCloud infrastructure is already updated.

    How to update the OS?

    Connect to the server via SSH .

    For Ubuntu and Debian:
    Run the command:
    apt-key update && apt-get update && apt-get -y upgrade

    For CentOS
    Run the command:
    yum -y update

    For OpenSuse:
    Run the command:
    zypper refresh && zypper update -y

    After the upgrade, restart the server.
    Please install operating system security updates in a timely manner to avoid problems.

    Also popular now: