Glibc vulnerability – CVE-2015-7547
If you have been paying attention to recent news, you’ve probably heard about a critical vulnerability uncovered in the GNU C Library (glibc), which is a key component of most Linux distributions. This includes servers running CentOS, Debian, Ubuntu, cPanel, Plesk (Linux), VMware and Xen.
So what does this mean?
CVE-2015-7547 is a stack-based buffer overflow vulnerability in glibc’s DNS client-side resolver.
If left unpatched, the vulnerability can lead to remote code execution (RCE), which could allow attackers to steal sensitive information, spy on the user or take complete control of the system.
Exploits could lead to the following attacks:
- root-level server compromise
- malware (virus or spyware)
- access to data or sensitive information
What is the GNU C Library (glibc)?
It is designed to be a portable, high-performance C library, which defines the ‘system calls’ and other basic functions that programs rely on.
What do you need to do?
When possible, you should patch or update glibc on your Linux-based systems and servers.
Please note that this vulnerability impacts:
- ESXi 5.5 and 6.0
- All versions of VMware virtual apps running on Linux. A patch, ESXi550-201602401-SG, has been released to resolve the issue in ESXi 5.5, but a fix has yet to be released for ESXi 6.0.
- CentOS – for update instructions, please follow the steps here
What does this mean for cPanel servers?
The glibc library is provided by your operating system vendor. To update any affected servers, do the following:
1. Log into your server via SSH with root privileges
2. Run “yum clean all” to clear YUM’s local caches
3. Run “yum update” to install the patched version of glibc
4. After glibc is updated you should reboot the system to ensure all daemons load the newer version of the library.
You can confirm that you are updated by running the command “rpm -q glibc”. The package information displayed should match the version numbers provided by Red Hat at https://access.redhat.com/articles/2161461:
- Red Hat Enterprise Linux 7 – glibc-2.17-106.el7_2.4
- Red Hat Enterprise Linux 6 – glibc-2.12-1.166.el6_7.7
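The update procedure above ends with a manual comparison of “rpm -q glibc” output against the Red Hat version numbers. The script below is an added example (not part of the original post, and not cPanel’s or Red Hat’s tooling) that automates that comparison: it strips the package name and architecture from the rpm string, works out the EL major release, and checks whether the installed version-release is at or above the fixed release quoted in the post. The fixed versions are the two from the post; the sample rpm strings are constructed to show what the command prints on patched and unpatched hosts. It goes slightly beyond the post by treating any later release as patched too, rather than requiring an exact match.

```shell
#!/bin/sh
# Added example: check an installed glibc RPM against the CVE-2015-7547 fixed
# releases published by Red Hat (versions taken from the post above).

# Constructed sample outputs of "rpm -q glibc" (not real host data)
SAMPLE_PATCHED_EL7="glibc-2.17-106.el7_2.4.x86_64"
SAMPLE_OLD_EL7="glibc-2.17-105.el7.x86_64"
SAMPLE_OLD_EL6="glibc-2.12-1.166.el6_7.3.x86_64"

# Minimum fixed version-release per RHEL/CentOS major, as quoted in the post
fixed_glibc_for_el() {
  case "$1" in
    7) echo "2.17-106.el7_2.4" ;;
    6) echo "2.12-1.166.el6_7.7" ;;
    *) return 1 ;;
  esac
}

# glibc-2.17-106.el7_2.4.x86_64 -> 2.17-106.el7_2.4 (drop name and arch)
glibc_vr() {
  vr=${1#glibc-}
  vr=${vr%.x86_64}
  vr=${vr%.i686}
  echo "$vr"
}

# Extract N from the ".elN" tag in a version-release string
el_major() {
  echo "$1" | sed -n 's/.*\.el\([0-9][0-9]*\).*/\1/p'
}

# ver_ge A B: succeed when A >= B, comparing fields split on '.', '-' and '_';
# numeric fields compare as numbers, anything else (e.g. "el7") as strings
ver_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, /[._-]/); m = split(b, y, /[._-]/)
    for (i = 1; i <= (n > m ? n : m); i++) {
      p = (i <= n) ? x[i] : "0"; q = (i <= m) ? y[i] : "0"
      if (p ~ /^[0-9]+$/ && q ~ /^[0-9]+$/) { p = p + 0; q = q + 0 }
      if (p < q) exit 1
      if (p > q) exit 0
    }
    exit 0
  }'
}

# check_glibc_patched RPM_STRING: 0 = patched, 1 = below fixed release, 2 = unknown EL
check_glibc_patched() {
  vr=$(glibc_vr "$1")
  major=$(el_major "$vr")
  fixed=$(fixed_glibc_for_el "$major") || {
    echo "UNKNOWN: cannot determine EL release from $1" >&2
    return 2
  }
  if ver_ge "$vr" "$fixed"; then
    echo "OK: $1 is at or above $fixed"
    return 0
  else
    echo "VULNERABLE: $1 is below $fixed; run 'yum update' and reboot"
    return 1
  fi
}

# On a real host query rpm; elsewhere, walk the constructed samples
if command -v rpm >/dev/null 2>&1; then
  check_glibc_patched "$(rpm -q glibc 2>/dev/null | head -n 1)" || :
else
  for s in "$SAMPLE_PATCHED_EL7" "$SAMPLE_OLD_EL7" "$SAMPLE_OLD_EL6"; do
    check_glibc_patched "$s" || :
  done
fi
```

Run it as root after step 4 (the reboot): a VULNERABLE line means yum did not pull the new glibc (often a stale mirror or an excluded package), and a UNKNOWN line means the host is not an EL6/EL7 system and the Red Hat numbers do not apply.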
What steps should you take as the admin/root of servers running cPanel & WHM?
cPanel recommends that you configure the system to automatically update both the base operating system and the cPanel & WHM software. These settings are located in WHM’s “Update Preferences” interface.
Windows-based products and ESXi versions prior to 5.5 have been reported as not being affected.
For more information r