A potentially serious security threat that affects Linux 6, Linux 7, CentOS 6 and CentOS 7 operating systems has recently been identified.
The Linux Security team are treating this latest exploit as ‘Critical’ and it must be remedied by all technical providers straight away.
The security threat found is a serious weakness in the GNU C Library (GlibC), which is included in many standalone applications, including Linux distributions, network routers and other types of IT hardware.
The service called getaddrinfo, that performs domain-name lookups, contains a vulnerability that allows attackers to remotely execute malicious code within the affected software distributions that use this facility. Like many of the previous exploits it could potentially expose vulnerable systems to man-in-the-middle attacks where the hacker can monitor/manipulate data stored on a vulnerable device, which has an open connection to the internet.
At this moment in time – it is known that all versions of GlibC later than version 2.9 are vulnerable to this type of attack.
DigitalConfig provides website design and development in Liverpool. All our client websites are hosted on our own network of secure servers. We will personally be updating our servers to protect our clients and their data.
We are also urging all other website hosting providers to plan out their required updates and that they patch their systems within a few weeks of reading this blog.
For more information regarding the latest threat and the necessary steps required to mitigate its affect on your systems – please read the full article on the official Red Hat distribution website: Red Hat’s Knowledge base entry.