HIRT-PUB15001: GNU C Library (glibc) 'GHOST' issue in Hitachi products

Last Updated: February 6, 2015

1. Overview

GNU C Library (glibc) contains a heap buffer overflow vulnerability that may allow an attacker to remotely execute arbitrary code. This vulnerability has been assigned CVE-2015-0235, and is commonly referred to as "GHOST".

January 27, 2015
A buffer overflow vulnerability in the __nss_hostname_digits_dots() function of the glibc was disclosed to the public by Qualys. Security update for glibc vulnerability (CVE-2015-0235) has been released for most major Linux distributions.

CVSS Severity

CVE-2015-0235: glibc Remote Heap Buffer Overflow Vulnerability

 Base Metrics: 6.8
  Access Vector: Network
  Access Complexity: Medium
  Authentication: None
  Confidentiality Impact: Partial
  Integrity Impact: Partial
  Availability Impact: Partial

 Temporal Metrics 5.0 (January 29, 2014)
  Exploitablity: Unproven that exploit exists
  Remediation Level: Official fix
  Report Confidence: Confirmed

• http://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=(AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

2. Affected Systems

+ All versions of glibc from glibc-2.2 (released 2010-11-10) until glibc-2.17 (released 2012-12-25)
+ Linux and UNIX distributions that use glibc
+ Hitachi Products that use glibc

3. Impact

By attacking a service that uses a vulnerable version of glibc, a remote, unauthenticated attacker may be able to execute arbitrary code.

4. Solution

Apply an update

This issue is addressed in glibc. Followings are security update of Linux distributions. Also, please refer to the advisories in "5. Product Information" of Hitachi.

• CentOS
  
  • CESA-2015:0090 Critical CentOS 5 glibc Security Update
    http://lists.centos.org/pipermail/centos-announce/2015-January/020906.html
    
  • CESA-2015:0092 Critical CentOS 6 glibc Security Update
    http://lists.centos.org/pipermail/centos-announce/2015-January/020907.html
    
  • CESA-2015:0092 Critical CentOS 7 glibc Security Update
    http://lists.centos.org/pipermail/centos-announce/2015-January/020908.html
    
• Debian
  
  • DSA-3142-1 eglibc -- security update
    https://www.debian.org/security/2015/dsa-3142
    
• Red Hat
  
  • RHSA-2015:0090 Critical: glibc security update
    https://rhn.redhat.com/errata/RHSA-2015-0090.html
    
  • RHSA-2015:0092 Critical: glibc security update
    https://rhn.redhat.com/errata/RHSA-2015-0092.html
    
• SUSE
  
  • CVE-2015-0235
    http://support.novell.com/security/cve/CVE-2015-0235.html
    
• Ubuntu
  
  • USN-2485-1: GNU C Library vulnerability
    http://www.ubuntu.com/usn/usn-2485-1/
    

5. Product Information

February 6, 2015

+ Hitachi Server Products
    - Display/Keyboard unit/Switch Console Unit
    - Hitachi Server Navigator Installation Assistant

• HWS15-001: Solution of GNU C Library vulnerability (CVE-2015-0235) [Japanese]

January 30, 2015

+ Hitachi Open Middleware Products
    - JP1
    - Cosminexus
    - HiRDB
    - Hitachi Command Suite
+ Hitachi Server Products
    - BladeSymphony / Hitachi Compute Blade BS2500/BS2000/BS500/BS320/BS1000
      CB2500/CB2000/CB500/CB320 series
    - Virtage/Logical partitioning manager
      (BladeSymphony/Hitachi Compute Blade BS2500/BS2000/BS500/BS320/BS1000
      CB2500/CB2000/CB500/CB320 series)
    - Hitachi Advanced Server HA8000 / Hitachi Compute Rack series
    - Hitachi Advanced Server HA8500 series
    - Hitachi Advanced Server HA8000 / Hitachi Compute Rack series
    - Entry Blade Server HA8000-bd series
    - HA8000-tc series
    - Client Blade FLORA bd100/bd500 series
    - Thin Client FLORA Se210/Se330 series
    - Client Intagrated Management Software (Hitachi bd Link)
    - Entry class disk array model BR1200
    - Tape Library
    - Hitachi UPS/Management software/Hitachi UPS option, PowerMonitor H, PowerMonitor H for Network,
      SNMP interface card, Disk interface card, SNMP+Disk interface card
    - Hitachi Server Navigator Update Manager, Log Collect, Log Monitor, Alive Monitor, RAID Navigatorr
    - Hitachi Fibre Channel - Path Control Manager
+ Hitachi Storage Products
    - Hitachi Virtual File Platform
    - Hitachi Data Ingestor
    - Hitachi NAS Platform F
    - Hitachi Adaptable Modular Storage 2000, BR1600 (HSNM2)
    - Hitachi Unified Storage 100, BR1650 (HSNM2)
    - Hitachi Tape Array (TF) (HSNM2)
    - Hitachi Universal Storage Platform V/VM
    - Hitachi Virtual Storage Platform
    - Hitachi Virtual Storage Platform G1000
    - BCM
    - Hitachi Storage Related Products (FC-SW)

• HWS15-001: Solution of GNU C Library vulnerability (CVE-2015-0235) [Japanese]

January 29, 2015

The issue is currently under investigation.

6. References

• VU#967332: GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow (2015-01-28)
  http://www.kb.cert.org/vuls/id/967332
• CVE-2015-0235
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
• Qualys Security Advisory CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow (2015-01-27)
  https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
• The GNU C Library (glibc)
  http://www.gnu.org/software/libc/

7. Update history

February 6, 2015

• Updated: Product Information in "February 6, 2015".

February 2, 2015

• Updated: Product Information in "January 30, 2015".

January 29, 2015

• This webpage was newly created and published.

Masato Terada (HIRT) and Naoko Ohnishi (HIRT)