SUSE SLE vulnerability with gethostbyname (aka GHOST)

This document (7016113) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11 Service Pack 1 (SLES 11 SP1)
SUSE Linux Enterprise Server 11 Service Pack 2 (SLES 11 SP2)
SUSE Linux Enterprise Server 11 Service Pack 3 (SLES 11 SP3)
SUSE Linux Enterprise Server 10 Service Pack 4 (SLES 10 SP4)
SUSE Linux Enterprise Server 10 Service Pack 3 (SLES 10 SP3)
Expanded Support 5 (RES5)
Expanded Support 6 (RES6)
Expanded Support 7 (RES7)

Situation

SUSE has been made aware of a vulnerability affecting versions of the glibc package that allows remote attackers to execute arbitrary code via a crafted call to gethostbyname*() (CVE-2015-0235). Certain services and applications use this glibc function and let remote unauthenticated attackers supply the names being looked up, which allows them to exploit this issue.

Resolution

1. Update your entire system with the latest system updates:

To make sure that you have the patches relevant to these issues, update the complete system to the latest patch level (preferred option) by running the following commands from a terminal, after verifying that you have your patch channels configured:
  • zypper ref -s
  • zypper -t patch

Note: A reboot is required after updating glibc in order for the patch to address the gethostbyname*() vulnerability listed for this CVE.
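The reboot matters because processes started before the update keep the replaced glibc file mapped in memory. The following is an added example, not part of the SUSE document: it lists processes whose /proc/PID/maps still shows a libc file marked "(deleted)". The function names, the optional proc-root argument and the sample PIDs are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: find processes that still map a glibc file replaced on disk.
# Relies on the kernel appending " (deleted)" to unlinked files in /proc/PID/maps.

# Print "PID NAME" for each process still mapping a deleted libc.
# $1 is an optional proc root (hypothetical parameter, defaults to /proc).
stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # Matches libc-2.11.3.so and libc.so.6, but not libcap or libcrypt.
        if grep -Eq '/libc(-[0-9.]+)?\.so[^/]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir="${maps%/maps}"
            pid="${dir##*/}"
            # /proc/PID/status is used because it exists on old kernels too.
            name="$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null || true)"
            printf '%s %s\n' "$pid" "${name:-?}"
        fi
    done
}

# Build a constructed fake proc tree under $1 for offline testing:
# PID 1234 started before the update, PID 5678 started after it.
make_sample_proc() {
    mkdir -p "$1/1234" "$1/5678"
    printf 'Name:\tsshd\nState:\tS (sleeping)\n' > "$1/1234/status"
    printf 'Name:\tcron\nState:\tS (sleeping)\n' > "$1/5678/status"
    cat > "$1/1234/maps" <<'EOF'
00400000-0047b000 r-xp 00000000 08:02 262201   /usr/sbin/sshd
7f3a1c000000-7f3a1c16f000 r-xp 00000000 08:02 131090   /lib64/libc-2.11.3.so (deleted)
7f3a1c36f000-7f3a1c373000 r--p 0016f000 08:02 131090   /lib64/libc-2.11.3.so (deleted)
EOF
    cat > "$1/5678/maps" <<'EOF'
00400000-0040a000 r-xp 00000000 08:02 262310   /usr/sbin/cron
7f9b20000000-7f9b2016f000 r-xp 00000000 08:02 131455   /lib64/libc-2.11.3.so
7f9b20400000-7f9b20404000 r-xp 00000000 08:02 131012   /lib64/libcap.so.2.11 (deleted)
EOF
}
```

Call `stale_libc_pids` with no argument as root to scan the live /proc; empty output after the reboot means no process still maps the old library.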

SUSE recommends that you always apply updates and consider running the latest version. 

You can verify your current version by typing at a command prompt:

     cat /etc/*release

More information on how to upgrade can be found in TID 7012368.

2. Apply only the latest glibc patches

If you prefer to update only the glibc patches, use the following commands:

  • zypper ref -s
  • zypper up glibc

3. Updating an Expanded Support Platform

On a SLES Expanded Support platform, run:

  • yum update

4. Search on patchfinder

If you are unable to update via the previously mentioned options, Patchfinder is available for you to find the update manually. Patchfinder is located at https://download.suse.com/patch/finder/

If you cannot find the downloads for your OS version, please contact Customer Support.

A direct download for SLES Expanded Support is available at the following location:

https://ptf.suse.com/f440cef0fbd41b734f782d2244eae09a/bnc915206/


Cause


Additional Information


Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID: 7016113
  • Creation Date: 28-Jan-2015
  • Modified Date: 14-Oct-2022
    • SUSE Linux Enterprise Desktop
    • SUSE Linux Enterprise Server
