TPS-2015-001 Security Advisory for "GHOST" Vulnerability on Linux Systems (CVE-2015-0235)

This notice is to advise Joyent Public Cloud and Smart Data Center customers of the recently identified glibc Linux security issue CVE-2015-0235 (GHOST).

This vulnerability can be triggered by the gethostbyname functions, impacting many systems built on Linux.

How can you determine whether you are vulnerable?

You can scan for this vulnerability using the Qualys Vulnerability Management Cloud Solution as QID 123191. If you think you may be affected, patches are available from all of the Linux vendors starting today.

Please note that this vulnerability does not impact SmartOS.

For more information on GHOST, including a podcast, please visit the Laws of Vulnerabilities blog.