Ubuntu - Vulnerabilities - GHOST
GHOST is a vulnerability in the GNU C Library (glibc). It allows remote attackers to take complete control of a system by exploiting a buffer overflow bug in glibc's GetHOST functions (hence the name).
The GHOST vulnerability can be exploited on Linux systems that use an unpatched version of glibc from versions 2.2 to 2.17.
It is highly recommended that you update and reboot all of your affected Linux servers.
Check System Vulnerability
The easiest way to test if your servers are vulnerable to GHOST is to check the version of glibc that is in use.
Check the version of glibc by looking up the version of ldd (which uses glibc) like this:
ldd --version
The first line of the output will contain the version of eglibc, the variant of glibc that Ubuntu and Debian use. It might look like this:
ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.
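An added example (not part of the original page) that automates this check: it takes the version from the first line of the ldd --version output and compares it, component by component, against the 2.2 to 2.17 range given above. The function names and the script name in the comment are assumptions of this example; the sample line is the output shown on this page.

```sh
#!/bin/sh
# Added example: classify the glibc/eglibc version reported by `ldd --version`
# against the affected range stated on this page (2.2 to 2.17).
# Function names are this example's own.

# Print the upstream version: the last field of the first output line.
glibc_version_from_ldd() {
    printf '%s\n' "$1" | awk 'NR == 1 { print $NF; exit }'
}

# Print in-range, out-of-range or unknown for a version such as 2.15.
# Components are compared as integers: read as decimals, 2.17 is smaller
# than 2.2, so a decimal range test would never match.
ghost_range_check() {
    ver=$1
    case "$ver" in
        *.*) ;;
        *) echo unknown; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    if [ -z "$major" ] || [ -z "$minor" ]; then
        echo unknown; return 0
    fi
    case "$major$minor" in
        *[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$major" -eq 2 ] && [ "$minor" -ge 2 ] && [ "$minor" -le 17 ]; then
        echo in-range
    else
        echo out-of-range
    fi
}

# Constructed sample: the first output line shown on this page.
# Live use (hypothetical script name): sh ghost_check.sh "$(ldd --version)"
sample='ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15'
version=$(glibc_version_from_ldd "${1:-$sample}")
echo "glibc $version: $(ghost_range_check "$version")"
```

A result of in-range only places the library in the affected version range. Distributions commonly ship security fixes without changing the upstream version number, so the package revision still has to be compared against the distribution's security notice.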
Fix Vulnerability
The easiest way to fix the GHOST vulnerability is to use your default package manager to update the version of glibc.
sudo apt-get update && sudo apt-get dist-upgrade
Then respond to the confirmation prompt with y.
When the update is complete, reboot the server with this command:
sudo reboot
A reboot is necessary since the GNU C Library is used by many applications that must be restarted to use the updated library.