Google's security research team disclosed a glibc getaddrinfo-overflow vulnerability, the popular Linux Enterprise system, a server system is almost always affected. As long as the glibc version is greater than 2.9 will be the overflow vulnerability. An attacker may by the vulnerability directly in bulk to obtain a large number of host permissions.
> CentOS 6 & 7 SUSE Linux Enterprise Server 1 1 SP3 & 1 2 Ubuntu Server 14.04 &12.04 Debian 8 & 7 & 6 CoreOS 717.3.0
1. Using SELINUX can avoid this vulnerability?
> Appropriate SELINUX rules can limit the system is compromised after impact, but because the DNS is the system many of the basic services used, so SELINUX does not completely avoid the vulnerability, and recommendations for timely updates.
2. The static link of the executable program is received from the vulnerability?
> Yes. If the binary using the vulnerable version of the glibc for the static link, the corresponding program needs to use the new version of glibc to be recompiled.
To update the system.
Centos System Update
It will default to upgrade all software.
Debian and Ubuntu update system
apt-get update apt-get upgrade-y
Due to this vulnerability for glibc vulnerability, related to a variety of procedures, it is recommended to restart the system to take effect.