LenovoLENOVO:PS500043-NOSIDGNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow ("GHOST")
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Lenovo Security Advisory: LEN-2015-007
Potential Impact: Execution of Arbitrary Code
Severity: High
Summary:
A vulnerability has been found in the GNU C Library (glibc) __nss_hostname_digits_dots() function that allows both local and remote users to cause a buffer overflow in network function calls gethostbyname() and gethostbyname2(). The media is referring to this vulnerability as βGHOST.β
Immediate patches are required to fix the vulnerability in the glibc that allow arbitrary code execution from unauthenticated users. It is necessary to restart computers or process following the patches.
Description:
According to Qualys, the vulnerability is βa buffer overflow in the _ _nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functionsβ and furthermore, βarbitrary code execution can be achievedβ by use of the buffer overflow. The vulnerability exists in any systems relying on the function in the GNU C Library gethostbyname() and gethostbyname2() functions. There is currently proof of concept code available to exploit this code.
Affected Products:
ThinkPad
| System | Status |
|---|---|
| ThinkPad Edge E130 | Not affected |
| ThinkPad Edge E145 | Not affected |
| ThinkPad Edge E431/E531 | Not affected |
| ThinkPad Edge E440/E540 | Not affected |
| ThinkPad Edge E455/E555 | Not affected |
| ThinkPad Edge S430 | Not affected |
| ThinkPad Helix | Not affected |
| ThinkPad L430/L530 | Not affected |
| ThinkPad L440/L540 | Not affected |
| ThinkPad S1 Yoga (Non-vPro) | Not affected |
| ThinkPad S1 Yoga (vPro) | Not affected |
| ThinkPad S431 | Not affected |
| ThinkPad S440 | Not affected |
| ThinkPad S531 | Not affected |
| ThinkPad S540 | Not affected |
| ThinkPad T430 | Not affected |
| ThinkPad T430s | Not affected |
| ThinkPad T430u | Not affected |
| ThinkPad T431s | Not affected |
| ThinkPad T440/T440s | Not affected |
| ThinkPad T440p | Not affected |
| ThinkPad T530 | Not affected |
| ThinkPad T540p | Not affected |
| ThinkPad Tablet 10 (32-bit) | Not affected |
| ThinkPad Tablet 10 (64-bit) | Not affected |
| ThinkPad Tablet 2 | Not affected |
| ThinkPad Tablet 8 (32-bit) | Not affected |
| ThinkPad Tablet 8 (64-bit) | Not affected |
| ThinkPad Twist/Edge S230 | Not affected |
| ThinkPad W530 | Not affected |
| ThinkPad W540 | Not affected |
| ThinkPad X1 Carbon (20A7,20A8) | Not affected |
| ThinkPad X1 Carbon (34xx) | Not affected |
| ThinkPad X131e (AMD) | Not affected |
| ThinkPad X131e (Intel) | Not affected |
| ThinkPad X140e (AMD) | Not affected |
| ThinkPad X230 | Not affected |
| ThinkPad X230s | Not affected |
| ThinkPad X230t | Not affected |
| ThinkPad X240/X240s | Not affected |
| ThinkPad Yoga 11e | Not affected |
ThinkCentre
| System | Status |
|---|---|
| ThinkCentre E73Z | Not affected |
| ThinkCentre E93 | Not affected |
| ThinkCentre E93Z | Not affected |
| ThinkCentre Edge 62z | Not affected |
| ThinkCentre Edge 72 | Not affected |
| ThinkCentre Edge 72z | Not affected |
| ThinkCentre Edge 92z | Not affected |
| ThinkCentre M62Z | Not affected |
| ThinkCentre M72e | Not affected |
| ThinkCentre M72e | Not affected |
| ThinkCentre M72e | Not affected |
| ThinkCentre M72z | Not affected |
| ThinkCentre M73 | Not affected |
| ThinkCentre M73 Tiny | Not affected |
| ThinkCentre M73Z | Not affected |
| ThinkCentre M78 (type 1562, 1565, 1662, 1663, 1766, 2111, 2113, 2114, 4860, 4863, 4865, 4866, 5100) | Not affected |
| ThinkCentre M78 (type 10BN, 10BQ, 10BR, 10BS, 10BT, 10BU) | Not affected |
| ThinkCentre M83 | Not affected |
| ThinkCentre M83Z | Not affected |
| ThinkCentre M90 | Not affected |
| ThinkCentre M90p | Not affected |
| ThinkCentre M91 | Not affected |
| ThinkCentre M91P | Not affected |
| ThinkCentre M92 | Not affected |
| ThinkCentre M92P | Not affected |
| ThinkCentre M92Z | Not affected |
| ThinkCentre M93 | Not affected |
| ThinkCentre M93P | Not affected |
| ThinkCentre M93Z | Not affected |
ThinkStation
| System | Status |
|---|---|
| ThinkStation C30 | |
| (type 1095, 1096, 1097) | Not affected |
| ThinkStation C30 | |
| (type 1136, 1137) | Not affected |
| ThinkStation D30 | |
| (type 4223, 4228, 4229) | Not affected |
| ThinkStation D30 | |
| (type 4353, 4354) | Not affected |
| ThinkStation E31 | Not affected |
| ThinkStation E32 | Not affected |
| ThinkStation P300 | Not affected |
| ThinkStation P500 | Not affected |
| ThinkStation P700 | Not affected |
| ThinkStation P900 | Not affected |
| ThinkStation S30 | Not affected |
| ThinkStation S30 | Not affected |
ThinkServer & Storage
System | Status | Minimum version
including Fix | Link
β|β|β|β
ThinkServer RD330 | Not affected | β | β
ThinkServer RD340 | Not affected | β | β
ThinkServer RD350 | Affected | 1.33 | <http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=70692>
ThinkServer RD430 | Not affected | β | β
ThinkServer RD440 | Not affected | β | β
ThinkServer RD450 | Affected | 1.33 | <http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=70693>
ThinkServer RD530 | Not affected | β | β
ThinkServer RD540 | Not affected | β | β
ThinkServer RD550 | Affected | 1.33 | <http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=70694>
ThinkServer RD630 | Not affected | β | β
ThinkServer RD640 | Not affected | β | β
ThinkServer RD650 | Affected | 1.33 | <http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=70695>
ThinkServer RS140 | Not affected | β | β
ThinkServer TD340 | Not affected | β | β
ThinkServer TD350 | Affected | 1.33 | <http://support1.lenovo.com.cn/lenovo/wsi/Modules/DriverDetailServer.aspx?ID=70696>
ThinkServer TS130 | Not affected | β | β
ThinkServer TS140 | Not affected | β | β
ThinkServer TS430 | Not affected | β | β
ThinkServer TS440 | Not affected | β | β
ThinkStorage SA120 | Not affected | β | β
Lenovo EMC
| System | Status |
|---|---|
| LenovoEMC EZ Media & Backup (hm3) | Not affected |
| LenovoEMC Home Media Cloud Edition (hm2) | Not affected |
| LenovoEMC ix12-300r | Not affected |
| LenovoEMC ix2 (inc DL) | Not affected |
| LenovoEMC ix2-200 | Not affected |
| LenovoEMC ix2-200 Cloud Edition | Not affected |
| LenovoEMC ix4-200d | Not affected |
| LenovoEMC ix4-200d (2.1.x firmware) | Not affected |
| LenovoEMC ix4-200d Cloud Edition | Not affected |
| LenovoEMC ix4-300d (inc DL) | Not affected |
| LenovoEMC px12-350r | Not affected |
| LenovoEMC px12-400r | Not affected |
| LenovoEMC px12-450r | Not affected |
| LenovoEMC px2-300d (inc NVR) | Not affected |
| LenovoEMC px4-300d (inc NVR) | Not affected |
| LenovoEMC px4-300r | Not affected |
| LenovoEMC px4-400d (inc NVR) | Not affected |
| LenovoEMC px4-400r | Not affected |
| LenovoEMC px6-300d | Not affected |
Software
| Application | Status |
|---|---|
| Deploy Manager | Not affected |
| Diagnostic | Not affected |
| Easy Manager | Not affected |
| Easy Updater | Not affected |
| Energy manager | Not affected |
| OSPUT | Not affected |
| Partner Pack | Not affected |
| Power Planner | Not affected |
| TSMCLI | Not affected |
Acknowledgements:
Other information and references:
- CERT Vulnerability Note: VU#967332
- CVE ID: CVE-2015-0235
Revision History:
| Revision | Date | **Description ** |
|---|---|---|
| 1.2 | 2015-06-29 | Publish additional fixes |
| 1.1 | 2015-03-03 | Publish additional fixes |
| 1.0 | 2015-02-16 | Initial release |
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%