The other day, buffer overflow in the __nss_hostname_digits_dots() function of the GNU
C Library (glibc) was discovered. This vulnerability is known as known as “GHOST”.
An attacker will exploit this vulnerability and can remotely manipulate the system password and ID.
- OSS-security – Qualys Security Advisory CVE-2015-0235-GHOST: glibc gethostbyname buffer overflow
- ALAS-2015-473
Amimoto AMI Self-Hosted Clients
Amazon Linux patches that have been applied are already being delivered. Please restart the instance after the update.
After logging in to your EC2 instance by SSH, run the following command. (when you run “sudo reboot”, your EC2 instance will be restarted.)
$ sudo yum update glibc glibc-* nscd $ sudo reboot
Amimoto AMI Managed Hosting Clients
We will continue our support on this, and we will manage it for you.
Support completed on 1st February 2015.