oss-sec mailing list archives
Re: workaround for GHOST glibc vulnerability CVE-2015-0235
From: Florian Weimer <fweimer () redhat com>
Date: Tue, 03 Feb 2015 11:30:13 +0100
On 02/02/2015 03:52 PM, Constantine Shulyupin wrote:
> CVE-2015-0235-workaround is a shared library wrapper with additional checks for the vulnerable functions gethostbyname2_r and gethostbyname_r.
>
> The proper solution for CVE-2015-0235 is to upgrade glibc to at least glibc-2.18. In some cases, an immediate glibc upgrade is not possible, for example in custom production embedded systems, because such an upgrade requires a validation of the whole system. In such cases, this workaround provides a hot fix solution, which is easier to validate.
>
> Source code: https://github.com/makelinux/CVE-2015-0235-workaround
You should make all symbols static. With the current code, you risk symbol collisions.

Why don't you hook gethostbyname? I'm not sure if gethostbyname is implemented in terms of gethostbyname_r. (The call stacks I have suggest it isn't.)

--
Florian Weimer / Red Hat Product Security
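The two review points above, shown as an added example that is not code from the CVE-2015-0235-workaround repository: internal helpers are `static` so an `LD_PRELOAD` shim exports only the functions it means to interpose, and `gethostbyname` is hooked alongside `gethostbyname_r` (`gethostbyname2_r` would follow the same pattern). The `shim_*` names, the length threshold and the digits-and-dots check are assumptions made for illustration, as is the build command `gcc -shared -fPIC -o shim.so shim.c -ldl`.

```c
#define _GNU_SOURCE
#include <dlfcn.h>
#include <errno.h>
#include <netdb.h>
#include <string.h>

/* Assumed policy, NOT taken from the workaround's source: refuse names
 * longer than this that consist only of digits and dots. */
#define SHIM_MAX_NUMERIC_NAME 255
typedef struct hostent *(*ghbn_fn)(const char *);
typedef int (*ghbn_r_fn)(const char *, struct hostent *, char *, size_t,
                         struct hostent **, int *);

/* static: helpers stay out of the dynamic symbol table, so they cannot
 * collide with same-named symbols in the program or its libraries. */
static int shim_name_is_suspicious(const char *name)
{
    size_t len = name ? strlen(name) : 0;
    return len > SHIM_MAX_NUMERIC_NAME && strspn(name, "0123456789.") == len;
}

/* Exported on purpose: these are the only symbols meant to interpose. */
struct hostent *gethostbyname(const char *name)
{
    static ghbn_fn real;            /* function-local static, not exported */
    if (shim_name_is_suspicious(name)) {
        h_errno = HOST_NOT_FOUND;
        return NULL;
    }
    if (!real)
        real = (ghbn_fn)dlsym(RTLD_NEXT, "gethostbyname");
    if (!real)
        h_errno = NO_RECOVERY;
    return real ? real(name) : NULL;
}

int gethostbyname_r(const char *name, struct hostent *ret, char *buf,
                    size_t buflen, struct hostent **result, int *h_errnop)
{
    static ghbn_r_fn real;
    if (shim_name_is_suspicious(name)) {
        *result = NULL;
        *h_errnop = HOST_NOT_FOUND;
        return EINVAL;              /* error code chosen for this sketch */
    }
    if (!real)
        real = (ghbn_r_fn)dlsym(RTLD_NEXT, "gethostbyname_r");
    return real ? real(name, ret, buf, buflen, result, h_errnop) : ENOSYS;
}
```

Running `nm -D --defined-only shim.so` on the built library should list the two hooks and no `shim_*` helper.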