dev00
Posts: 2
Joined: Tue Jan 27, 2015 11:10 pm

Raspbian vulnerable to 'GHOST' exploit

Tue Jan 27, 2015 11:14 pm

Today announced:
https://security-tracker.debian.org/tra ... -2015-0235
http://www.openwall.com/lists/oss-security/2015/01/27/9

It affects all glibc before 2.18, which means it affects all Raspbian builds because they have glibc 2.13.

It allows remote code execution in certain cases.
I hope this will be fixed ASAP.

mahjongg
Forum Moderator
Posts: 13580
Joined: Sun Mar 11, 2012 12:19 am
Location: South Holland, The Netherlands

Re: Raspbian vulnerable to 'GHOST' exploit

Tue Jan 27, 2015 11:55 pm

Wouldn't worry too much, unless someone explicitly targets Pis (very unlikely); otherwise most exploits will contain x86 code that doesn't run on the Pi. x86 Debian machines are a much "juicier" target.

johny
Posts: 58
Joined: Tue Apr 24, 2012 10:00 am
Location: Australia

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 1:55 am

I think you underestimate just how many raspberries are out there on the internet by now. I'm certainly hoping to upgrade glibc on the handful of Pis that I run, and to upgrade a number of in-field units at $work.

plugwash
Forum Moderator
Posts: 3723
Joined: Wed Dec 28, 2011 11:45 pm

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 2:43 am

Fix has been uploaded, should hit the public repos on the next update run in a few hours.

Version 2.13-38+rpi2+deb7u7

ktb
Posts: 1447
Joined: Fri Dec 26, 2014 7:53 pm

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 7:32 am

plugwash wrote:Fix has been uploaded, should hit the public repos on the next update run in a few hours.

Version 2.13-38+rpi2+deb7u7
That response time is prettay, prettay good. 8-)

awh
Posts: 5
Joined: Thu Mar 06, 2014 9:11 am

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 11:18 am

plugwash wrote:Fix has been uploaded, should hit the public repos on the next update run in a few hours.

Version 2.13-38+rpi2+deb7u7
Thanks for this plugwash, greatly appreciated!

Massi
Posts: 1691
Joined: Fri May 02, 2014 1:52 pm
Location: Italy

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 12:18 pm

ktb wrote:
plugwash wrote:Fix has been uploaded, should hit the public repos on the next update run in a few hours.

Version 2.13-38+rpi2+deb7u7
That response time is prettay, prettay good. 8-)
lol, this is embarrassingly good!
I'm thinking about linking this 3ed on the qnap forum :D

Tecrekka
Posts: 9
Joined: Sat Dec 28, 2013 3:45 am

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 3:50 pm

Hello everyone.

Thank you plugwash for such a speedy solution to this vulnerability.

I am quite a noob and would like to ask, how can I apply this patch/fix?

Is it as simple as an apt-get update/apt-get upgrade, etc?

Thank you.

rpdom
Posts: 18002
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 4:07 pm

Tecrekka wrote:Is it as simple as an apt-get update/apt-get upgrade, etc?
Just apt-get update;apt-get upgrade. No etc required ;)

Tecrekka
Posts: 9
Joined: Sat Dec 28, 2013 3:45 am

Re: Raspbian vulnerable to 'GHOST' exploit

Wed Jan 28, 2015 6:13 pm

rpdom wrote:
Tecrekka wrote:Is it as simple as an apt-get update/apt-get upgrade, etc?
Just apt-get update;apt-get upgrade. No etc required ;)

lol, ;) Thanks!

srpsco
Posts: 3
Joined: Thu Aug 02, 2012 9:19 am

Re: Raspbian vulnerable to 'GHOST' exploit

Thu Jan 29, 2015 12:29 pm

"Just apt-get update;apt-get upgrade. No etc required"

Etc. is required. Because there may be processes running that are still linked to the vulnerable version of libc, you do need to reboot to ensure that you are no longer vulnerable.

plugwash
Forum Moderator
Posts: 3723
Joined: Wed Dec 28, 2011 11:45 pm

Re: Raspbian vulnerable to 'GHOST' exploit

Thu Jan 29, 2015 3:48 pm

The main thing seems to be to make sure exim is restarted if you are using it. A reboot is the paranoid thing to do, but AIUI it takes a very specific set of circumstances for this to amount to more than a crash bug, and exim is the only piece of software I'm aware of that meets those circumstances.
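
The restart question raised in the two posts above can be checked directly. This is an added example, not code from any poster in the thread: after the libc6 upgrade, a process that was started earlier still maps the replaced library file, and the kernel marks that mapping "(deleted)" in /proc/PID/maps. The function name `stale_libc_pids` and its optional directory argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example: list processes that still map a libc image that has been
# replaced on disk, i.e. processes that have not been restarted since the
# glibc upgrade. Run as root to see every process.

# stale_libc_pids [PROC_ROOT]
# Prints "PID NAME" for each process whose maps contain a deleted libc.
# PROC_ROOT defaults to /proc; the argument (an assumption of this example)
# lets the function be run against a constructed directory tree.
stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # Matches ".../libc-2.13.so (deleted)" and ".../libc.so.6 (deleted)",
        # but not other libraries such as libcrypto or libcap.
        if grep -Eq '/libc(-[0-9.]+)?\.so(\.[0-9]+)? \(deleted\)$' "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            pid=${pid##*/}
            name=$(cat "$proc_root/$pid/comm" 2>/dev/null || echo '?')
            echo "$pid $name"
        fi
    done
    return 0
}

# Scan the live system when run as a script.
stale_libc_pids
```

Any process it lists (exim, for instance) needs a restart to pick up the fixed library; empty output when run as root means nothing is still using the old libc.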

Tecrekka
Posts: 9
Joined: Sat Dec 28, 2013 3:45 am

Re: Raspbian vulnerable to 'GHOST' exploit

Thu Jan 29, 2015 11:31 pm

srpsco wrote:"Just apt-get update;apt-get upgrade. No etc required"

Etc. is required. Because there may be processes running that are still linked to the vulnerable version of libc, you do need to reboot to ensure that you are no longer vulnerable.

Ah, makes sense, Thanks.
I always reboot, anyway, but good to be sure.
