Severe “Ghost” flaw leaves Linux systems vulnerable to takeover

A serious vulnerability in a key Linux library could let attackers take complete control of systems, such as servers, that are based on the open-source operating system. Those running Linux systems are advised to download a patch for their distribution immediately.

Qualys researchers discovered the “Ghost” vulnerability – named for the fact that it can be triggered by “gethostbyname” DNS resolution functions – during a recent code audit.

In a Tuesday blog post and video they said they had “developed a proof-of-concept in which we send a specially created e-mail to a mail server and can get a remote shell to the Linux machine,” though they won’t release this exploit until they see around half of the Linux servers out there have been patched appropriately.

The researchers said the buffer overflow flaw in the GNU C Library (“glibc”) had been around since 2000 and had actually been fixed in 2013 (only versions before 2.18 are affected). However, it wasn’t recognized as a security threat at the time, so many long-term-support versions of Linux distros are still affected.

Distros that are known to be affected include: Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, and Ubuntu 12.04. Patches for these distros are now available to download, and doing so would be a very good idea. End-of-life distros are obviously also affected, but you shouldn’t be using those anyway.

It’s impossible to tell whether the vulnerability has been exploited, though Trend Micro has noted, “with only four or eight bytes as the initial exploit vector, gaining further access is highly dependent on application design and memory usage.” Also, as Robert Graham at Errata Security has pointed out, the gethostbyname() function is obsolete and people should be using the IPv6-friendly getaddrinfo() function instead.
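The two practical takeaways above are “check which glibc you are running and patch” and “stop calling gethostbyname()”. The following program is an added example written for this page, not code from Qualys, Errata Security or the glibc project. It compares a glibc version string against the 2.18 threshold the article gives (reading the running version through the POSIX confstr() name _CS_GNU_LIBC_VERSION, which is assumed to be available on the glibc system it runs on), and it shows the getaddrinfo() call pattern that replaces gethostbyname(): address-family agnostic, with explicit error reporting and a freeaddrinfo() instead of static storage. The `numeric_only` parameter is the example’s own addition so the function can be exercised without a DNS query.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Parse a glibc version string such as "2.17" and report whether it is
 * below 2.18, the first upstream release the article says is unaffected.
 * Returns 1 if before 2.18, 0 if 2.18 or later, -1 if unparseable.
 * Caveat: distributions backport the fix without bumping this number
 * (the article lists RHEL 6 and 7 among the patched distros), so a 1 here
 * means "consult your distro's advisory", not "still vulnerable". */
int glibc_version_before_2_18(const char *version)
{
    int major = 0, minor = 0;
    if (version == NULL || sscanf(version, "%d.%d", &major, &minor) != 2)
        return -1;
    if (major != 2)
        return major < 2;
    return minor < 18;
}

/* Fetch the running glibc version via confstr() (assumed glibc extension name).
 * Writes e.g. "2.31" into buf; returns 0 on success, -1 if unavailable. */
int running_glibc_version(char *buf, size_t len)
{
#ifdef _CS_GNU_LIBC_VERSION
    char raw[64];
    if (confstr(_CS_GNU_LIBC_VERSION, raw, sizeof raw) == 0)
        return -1;
    /* confstr yields "glibc 2.31"; keep only the number after the space. */
    const char *p = strchr(raw, ' ');
    snprintf(buf, len, "%s", p ? p + 1 : raw);
    return 0;
#else
    (void)buf; (void)len;
    return -1;
#endif
}

/* Resolve `host` with getaddrinfo(3) and write textual addresses into out.
 * Returns the number of addresses written (at most max_out), or -1 on error.
 * numeric_only sets AI_NUMERICHOST so only literal addresses are accepted
 * and no DNS traffic is generated. */
int resolve_host(const char *host, int numeric_only,
                 char out[][INET6_ADDRSTRLEN], int max_out)
{
    struct addrinfo hints, *res, *rp;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;     /* IPv4 and IPv6; gethostbyname() is IPv4-only */
    hints.ai_socktype = SOCK_STREAM; /* one entry per address, not per socket type */
    if (numeric_only)
        hints.ai_flags |= AI_NUMERICHOST;

    int rc = getaddrinfo(host, NULL, &hints, &res);
    if (rc != 0) {
        fprintf(stderr, "getaddrinfo(%s): %s\n", host, gai_strerror(rc));
        return -1;
    }

    int count = 0;
    for (rp = res; rp != NULL && count < max_out; rp = rp->ai_next) {
        const void *addr;
        if (rp->ai_family == AF_INET)
            addr = &((struct sockaddr_in *)rp->ai_addr)->sin_addr;
        else if (rp->ai_family == AF_INET6)
            addr = &((struct sockaddr_in6 *)rp->ai_addr)->sin6_addr;
        else
            continue;
        if (inet_ntop(rp->ai_family, addr, out[count], INET6_ADDRSTRLEN) != NULL)
            count++;
    }
    freeaddrinfo(res); /* getaddrinfo() allocates; gethostbyname() reused static memory */
    return count;
}

int main(int argc, char **argv)
{
    char ver[32];
    if (running_glibc_version(ver, sizeof ver) == 0)
        printf("running glibc %s: %s\n", ver,
               glibc_version_before_2_18(ver) == 1
                   ? "older than 2.18 upstream, check your distro's advisory"
                   : "2.18 or newer upstream");

    char addrs[8][INET6_ADDRSTRLEN];
    for (int i = 1; i < argc; i++) {
        int n = resolve_host(argv[i], 0, addrs, 8);
        for (int j = 0; j < n; j++)
            printf("%s -> %s\n", argv[i], addrs[j]);
    }
    return 0;
}
```

Run it with one or more host names as arguments to see every address family the resolver returns for each; without arguments it only reports the glibc version. The version check is deliberately a hint rather than a verdict, because the distro package is what actually carries the fix.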

This article was updated at 2.15am PT to include Trend Micro’s observation.

Red Hat dilemma: Cloud players balk at new support fees

Red Hat is changing its support price model in a way that opens the door to rival operating systems – including Windows – at least in the cloud service provider market and perhaps more broadly. One service provider said his support costs will more than double.

For Red Hat, it’s all about (what else?) cloud

Red Hat is the Microsoft of Linux. But now, like Microsoft itself, it obsesses more on cloud infrastructure than lowly operating systems. Questions about Red Hat’s OpenShift PaaS and CloudForms IaaS dominated last night’s earnings call, but CEO Jim Whitehurst was cautious on revenue predictions.

Novell’s Patents Are Complicating Its Sale

Novell has put itself on the auction block, but a deal has been slow in closing. According to sources close to the company, this likely stems from the difficulty of accurately assessing the value of Novell’s patent portfolio in conjunction with its legacy product portfolio and associated business.