Kitz Forum

Computer Software => Security => Topic started by: sevenlayermuddle on February 17, 2016, 07:05:58 PM

Title: Another Linux (glibc) exploit
Post by: sevenlayermuddle on February 17, 2016, 07:05:58 PM
As screamed by The Register..

http://www.theregister.co.uk/2016/02/16/glibc_linux_dns_vulernability/

Quote
Patch ASAP: Tons of Linux apps can be hijacked by evil DNS servers, man-in-the-middle miscreants

In fairness, I don't hold El Reg in high esteem these days, and I think their headline is probably alarming and misleading.

All the same, worth hoping for an update for any routers, Smart TVs etc, that might use embedded Linux.  'hoping' being the operative word.     ::)
Title: Re: Another Linux (glibc) exploit
Post by: burakkucat on February 17, 2016, 07:14:45 PM
That article appears to be rather "gutter-press" like and appears to be designed as "sensational" / "shock" / "horror", etc.

Unfortunately, they are rather behind the times with that report -- quite simply it is out of date stale news!  ::)
Title: Re: Another Linux (glibc) exploit
Post by: broadstairs on February 17, 2016, 07:42:49 PM
I seem to remember a patch for this in OpenSUSE ages ago....

Stuart
Title: Re: Another Linux (glibc) exploit
Post by: ejs on February 17, 2016, 07:46:36 PM
Fedora got a glibc update for this today.

Also, most routers tend to use uClibc, which is smaller than glibc, and presumably won't have the exact same bugs, as it's a different project.
Title: Re: Another Linux (glibc) exploit
Post by: sevenlayermuddle on February 17, 2016, 07:58:34 PM
The Beeb covered it too, another organisation of which I have low opinion. :(

http://www.bbc.co.uk/news/technology-35592916

Quote
Glibc: Mega bug may hit thousands of devices

Interesting use of SI unit 'Mega' to create the splash-bang-wallop headline, then qualify the story describing affected devices with the mere word  'thousands'. :D

All the same, Beeb does link to the Google blog that announced the issue.  It was dated 16th Feb, so I suspect it is a new issue, despite resemblance to previous. 

https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Title: Re: Another Linux (glibc) exploit
Post by: burakkucat on February 17, 2016, 09:58:01 PM
Quote
. . . the Google blog that announced the issue.  It was dated 16th Feb, so I suspect it is a new issue, despite resemblance to previous.

https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

That is a public announcement by Google; the problem was discovered and essentially resolved before that date. As I commented earlier, out-of-date, stale news!  ;)

It is best to consult the definitive listing for all CVEs -- at Mitre (https://cve.mitre.org/).
Title: Re: Another Linux (glibc) exploit
Post by: Chrysalis on February 17, 2016, 11:32:26 PM
Quote
Fedora got a glibc update for this today.

Also, most routers tend to use uClibc, which is smaller than glibc, and presumably won't have the exact same bugs, as it's a different project.

Don't talk about routers :( They are a disaster waiting to happen; the vast majority of Linux-based routers I have used use code that's circa 10 years old.