GHOST glibc Security Vulnerability


Red Hat Product Security is aware of a critical vulnerability in the glibc library. This vulnerability is commonly known as GHOST and has been assigned CVE-2015-0235.

GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker to execute arbitrary code with the permissions of the user running the application.

The gethostbyname() function calls are used for DNS resolution, which is a very common operation. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that then calls gethostbyname().

The easiest way to check whether a system is vulnerable and/or confirm remediation is the Red Hat Access Lab: GHOST - gethostbyname Detector.
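A local self-test in the style of the canary check that circulated publicly for CVE-2015-0235, added here as an example; it is not Red Hat's detector and not code from this announcement. The 1024-byte buffer, the canary string and the name `ghost_check` are choices made for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

#define CANARY "in_the_coal_mine"   /* constructed marker value */
enum ghost_status { GHOST_NOT_VULNERABLE, GHOST_VULNERABLE, GHOST_INCONCLUSIVE };

/* The canary sits directly after the resolver's scratch buffer, so a
 * write past the end of buffer[] lands in canary[] and nowhere else. */
static struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} probe;

enum ghost_status ghost_check(void)
{
    struct hostent resbuf, *result = NULL;
    int herr = 0;
    char name[sizeof(probe.buffer)];

    memset(probe.buffer, 0, sizeof(probe.buffer));   /* allow repeated calls */
    memcpy(probe.canary, CANARY, sizeof(CANARY));

    /* All-digit name sized so that the name plus the bookkeeping the
     * resolver stores beside it (a 16-byte address, pointer slots, NUL)
     * needs slightly more room than sizeof(buffer) provides. */
    size_t len = sizeof(probe.buffer) - 16 - 2 * sizeof(char *) - 1;
    memset(name, '0', len);
    name[len] = '\0';

    int rc = gethostbyname_r(name, &resbuf, probe.buffer,
                             sizeof(probe.buffer), &result, &herr);

    if (memcmp(probe.canary, CANARY, sizeof(CANARY)) != 0)
        return GHOST_VULNERABLE;       /* resolver wrote past the buffer */
    if (rc == ERANGE)
        return GHOST_NOT_VULNERABLE;   /* resolver refused: buffer too small */
    return GHOST_INCONCLUSIVE;         /* e.g. a non-glibc resolver */
}

int main(void)
{
    static const char *msg[] = { "not vulnerable", "vulnerable", "inconclusive" };
    enum ghost_status s = ghost_check();
    puts(msg[s]);
    return s == GHOST_NOT_VULNERABLE ? 0 : 1;
}
```

The result reflects only the glibc that this binary loads at run time; services started before an update keep the old library mapped until they are restarted.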

For more information, please see this Red Hat Customer Portal Knowledge Article.

If you have questions or concerns, please contact Red Hat Technical Support.

For the Japanese version of this announcement, please see here.

  • Product: Red Hat Enterprise Linux
  • Category: Secure
  • Component: glibc
  • Tags: glibc, security, Security-Vulnerabilities