Google’s security team announced on the 15th of February that they had found a serious vulnerability in the glibc library, which is a vital component in the vast majority of Linux distributions.
The Google team found that the glibc client-side DNS resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.
Remote code execution is possible, but not straightforward. It requires bypassing the security mitigations present on the system, including memory protections such as ASLR, and getting past firewalls that may filter out malformed DNS replies.
The issue affected all versions of glibc since 2.9; however, it may be prudent to address the issue even if you are running an older version of this library. The glibc project has issued a patch for the flaw, which is available here, and it should also now be available through the updates of all affected Linux distributions.
Read the original Google announcement here.
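For checking a host after applying the update, here is an added example (not code from Google or the glibc project). It compares a glibc version string against the 2.9 threshold given above and finds processes that still map a glibc library file that has since been replaced on disk, because a running process keeps the old code until it is restarted. It assumes a Linux /proc filesystem; the sample maps lines and version strings are constructed, and since distributions may ship the fix without changing the version number, a version in range means "check the package changelog", not "unpatched".

```python
import glob
import platform
import re

AFFECTED_SINCE = (2, 9)  # from the article: all glibc versions since 2.9

def parse_glibc_version(text):
    """Extract (major, minor) from e.g. 'glibc 2.19' or '2.17-106.el7'."""
    m = re.search(r"(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return int(m.group(1)), int(m.group(2))

def in_affected_range(text):
    # Compare as integer tuples: as strings, "2.19" would sort before "2.9".
    return parse_glibc_version(text) >= AFFECTED_SINCE

# A maps entry ending in " (deleted)" means the file was replaced on disk
# while the process kept the old copy mapped. The names are glibc's libc and
# resolver shared objects.
STALE = re.compile(r"(\S*/(?:libc|libresolv|libnss_dns)[-.][^/\s]* \(deleted\))$")

def stale_mappings(maps_text):
    """Replaced glibc objects still mapped, given /proc/<pid>/maps text."""
    return sorted({m.group(1) for line in maps_text.splitlines()
                   if (m := STALE.search(line))})

def scan_proc():
    """Map pid -> stale glibc objects for each process this user can read."""
    report = {}
    for path in glob.glob("/proc/[0-9]*/maps"):
        try:
            with open(path) as fh:
                stale = stale_mappings(fh.read())
        except OSError:
            continue  # process exited, or not readable without root
        if stale:
            report[int(path.split("/")[2])] = stale
    return report

# Constructed sample of /proc/<pid>/maps after a glibc package update.
SAMPLE_MAPS = """\
00400000-004f4000 r-xp 00000000 08:01 131 /usr/sbin/exampled
7f3a1c000000-7f3a1c1bb000 r-xp 00000000 08:01 2101 /lib/x86_64-linux-gnu/libc-2.19.so (deleted)
7f3a1c3c0000-7f3a1c3d7000 r-xp 00000000 08:01 2140 /lib/x86_64-linux-gnu/libresolv-2.19.so (deleted)
7f3a1c5e0000-7f3a1c5e5000 r-xp 00000000 08:01 2200 /lib/x86_64-linux-gnu/libcrypt-2.19.so
"""

if __name__ == "__main__":
    ver = platform.libc_ver()[1]  # empty string on non-glibc systems
    print("glibc", ver or "not detected", in_affected_range(ver) if ver else "")
    for pid, objs in sorted(scan_proc().items()):
        print(pid, "needs restart:", ", ".join(objs))
```

Run it as root to cover every process; any PID it lists should be restarted (or the host rebooted) for the patched library to take effect.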