Home How A Linux “Ghost” Spooked The Security World

How A Linux “Ghost” Spooked The Security World

A vulnerability in a widely used component of many Linux distributions could allow remote attackers to take control of a system. Researchers at Qualys have dubbed it Ghost since it can be triggered by the “gethost” functions in Linux.

See also: How To Protect Yourself Against The Internet “Poodle” Attack

The vulnerability can be found in the in the GNU C Library, known as glibc for short. Without glibc, a Linux system couldn’t function. The flaw is found in __nss_hostname_digits_dots(), a glibc function that’s invoked by the gethostbyname() and gethostbyname2() function calls. An attacker able to access either function could take remote control of the entire Linux system.

A series of misfortunes have helped Ghost to slip through the cracks. First of all, the bug had been previously identified and fixed back on May 21, 2013, as Qualys CTO Wolfgang Kandek writes. However, at the time it was seen only as a flaw, not a threat, and no further patching was done:

Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed including Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example.”

Secondly, since Ghost affects a code library that’s integral to the Linux system, patching it is no simple fix. Patching the GNU C Library will mean that the Linux core functions, or the entire affected server, will have to be rebooted. Companies will have to schedule that downtime, which means affected servers could stay vulnerable for some time longer.

With all the worlds’ Linux distributions to choose from, it’s unlikely your homebrew Linux server is anywhere near high risk. And now that Red Hat, Debian, Ubuntu and Novell have all issued patches, Linux server operators have the resources to stay in the clear. 

Photo by Jon Feinstein

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.