Usually Linux Operating System is known for its virus free as well as secure platform to work with. But now a team of experts have found that there is a critical security hole in Linux which can give complete control of the targeted computer to the remote hackers without user's consent. The Security loop hole is labeled as GHOST vulnerability and it has been found in Linux glibc. Here you will get detail information on every aspects of this vulnerability along with its consequences. Apart from that you will also know, how to overcome this situation.
What is Linux GNU C Library (glibc)
First of all we will discuss about what is Linux GNU C Library and why it is important for this operating system? glibc or Linux GNU C Library is a core part of Linux based System and it is also an implementation of C Library. This is highly essential part of this OS, because without this library Linux system can not function and work properly. Linux system starts with glibc -2.2 which is released on 10th Nov 2000. After that this library is updated and recently glibc-2.18 is running. Unfortunately the security hole found by researcher has not been covered in its latest version. After getting an idea about the Linux GNU C Library, now its time to know about what exactly vulnerability is and why it is called as GHOST vulnerability?
What is GHOST vulnerability in Linux GNU C library
Panel of working professionals discovered a buffer overflow in a function of glibc know as __nss_hostname_digits_dots(). Using which hackers can trigger gethostbyname*() functions either remotely or locally and gain complete access of targeted PC. In order to do so, they only have to send one mail on the associated PC and then hostname will be converted into IP address. Apart from that it also get other information to take full control of the targeted machine. Mostly hackers need to know user's login ID, password, system ID etc for elicit purposes. It is able to bypass the protection such as NX, ASLR and PIE on 64 and 32 Bit computer.
Which Linux Version Can Be Affected
Since GHOST (CVE-2015-0235) vulnerability in Linux glibc has not been covered in its recent version, hence various Linux version can be affected such as Red Hat Enterprise Linux 6 & 7, RHEL 5, 6, and 7, Debian 7 (wheezy), Ubuntu 12.04, CentOS 6 & 7 etc. But it does not mean that your become open for hackers, because there is a room to make your system safe from upcoming bug via Internet.
Is This a Real Risk?
Yes it is a actual risk associated with Linux based system. During testing, researchers has find a proof of concept by sending specially created email to the related server and finally get access of remote Linux computer. It may happen due to GHOST (CVE-2015-0235) in glibc function. Using remote code execution method hackers trigger bugs remotely to the targeted system easily. In such a way it is easy to exploit your computer and manipulate its data as per its requirement. In the sent mail user may find message saying that latest patch is available by your Linux vendor, which you should get it as soon as possible and update the system with no hassle. Here it is advised that not to believe on this type of mail and must not click on any link given in such mails, which can create security related issues on your PC.
Is this GOSH vulnerability is Design Flaw?
It is quite obvious to think about such question to being a common Linux user. But let me know you that it is not issue related with the design. It is an implementation problem in associated as well as infected version of this operating system. Actually security advisors didn't emphasis on this hole during its implementation and after the launch of the related version user may face this GHOST vulnerability , a critical security hole in Linux GNU C Library unexpectedly. After that encounter with several security and other awful issues on the system specially when working online. After invasion of this GHOST vulnerability in Linux GNU C library, linux developers get cautious and look for its solution. In this regard users are advised to go through below given information for better understand how to overcome this situation.
In these circumstances it is strongly recommended to update your Linux based system with its related and updated Patch as quickly as possible. After doing that you are advised to reboot your system to make the update successful. Although in Linux based system usually reboot is not required, but since gethostbyname*() functions is called by several core processes like udevd, dbus-daem, auditd, sshd, init, rsyslogd, master, xinetd, dhclient, mysqld etc. Hence it is has become important to restart the system to make sure that computer and its programs are running with patched codes.
After going through the above given information you may come across all facts related with GHOST, a critical security hole which has been revealed now in Linux GNU C library. Not only that, you may also better find the solutions of the query associated with this issues on linux based system. Therefore it is recommended that do not let your PC open for hackers to trigger bugs into your computer by using this vulnerability. Finally keep your Linux machine updated with latest patches and avoid being hacked by cyber crooks. It is one and only solution to handle GHOST vulnerability issue on Linux based computer system.