Logo
Get A Demo
  1. Home
  2. Blog
  3. Cybersecurity
  4. Responding to Glibc Critical Vulnerability

Last updated February 15th, 2023 by Michael Furman

On February 16th a critical vulnerability in glibc, a widely used open source library that powers thousands of standalone applications and most distributions of Linux, was published by researchers from Google. Within 24 hours Tufin had announced the impact to our subscribed customers and delivered a patch for this vulnerability.

The GNU C Library, commonly known as glibc, is a collection of open source code that is the core building block of Linux-based Software and Hardware. The potentially catastrophic flaw (CVE-2015-7547) is a buffer overflow bug in domain-name lookups performed by getaddrinfo(), that allows attackers to remotely execute malicious code. A remote attacker could create a specially crafted DNS response which could cause the vulnerable application or device to crash or, potentially, monitor and manipulate data passing between the vulnerable device and the open Internet. This stack-based buffer overflow was introduced back in 2008, and all versions of glibc after 2.9 are vulnerable.

Anyone responsible for Linux-based software or hardware that performs domain name lookups should address this vulnerability as soon as possible. We recommend to check with all your Linux or Unix-based vendors what the affected products are and to request the appropriate patch for this vulnerability. Security researchers say the vulnerability extends to an almost incomprehensibly large body of software, including virtually all distributions of Linux; the Python, PHP, and Ruby on Rails programming languages; and many other things that uses Linux code to look up the numerical IP address of an Internet domain. Most Bitcoin software is reportedly vulnerable, too.

To help Tufin customers with this urgent task, we built and published a patch for TufinOS 2.x installations on the Tufin user portal (TufinOS 1.x versions are not vulnerable to this buffer overflow flaw). If you did not receive this patch, or if you wish to receive prompt alerts on future vulnerabilities as they happen, please subscribe to our security announcements. If you still haven’t deployed the patch and require assistance, please contact our support team.

Don't miss out on more Tufin blogs

Subscribe to our weekly blog digest

In this post:

Background Image

Related Posts

Air-Gapped Computers: A Deep Dive into Security and Connectivity
Air-Gapped Computers: A Deep Dive into Security and Connectivity
Hybrid Mesh Firewall: Network Security Enhanced
Hybrid Mesh Firewall: Network Security Enhanced
Data Security Posture Management: Cybersecurity Explained
Data Security Posture Management: Cybersecurity Explained
Hardware Firewalls & Their Crucial Rule in Network Security
Hardware Firewalls & Their Crucial Rule in Network Security

Top Posts

How to Perform a Firewall Audit – Policy Rules Review Checklist
How to Perform a Firewall Audit – Policy Rules Review Checklist
Understanding AWS Route Table: A Practical Guide
Understanding AWS Route Table: A Practical Guide
What is a Firewall Ruleset? How can it help me?
What is a Firewall Ruleset? How can it help me?
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Close