A new GNU C library vulnerability was announced a couple of weeks ago and exposes a critical flaw affecting almost all Linux machines. Discovered independently by Google and Red Hat, the flaw is described as “extremely severe”.
The flaw is a stack-based buffer overflow in the glibc DNS client-side resolver that leaves Linux systems and other software vulnerable to remote code execution.
Experts urge admins to patch immediately.
“It qualifies as an urgent ‘patch today’ vulnerability,” said Kenneth White, security researcher and director of the Open Crypto Audit Project (OCAP). (source)
Anyone who is in a position to update should do so as soon as possible. (source)
A GreenRADIUS update was released last week to protect against this vulnerability. The latest full build is also updated and is available now. As always, Green Rocket Security is focused on making sure GreenRADIUS is always updated against known threats. Contact us today to learn more.