GNU glibc CVE-2015-5180 Remote Denial of Service Vulnerability

Description

GNU glibc is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to crash the affected process, denying service to legitimate users. Versions prior to GNU glibc 2.25 are vulnerable.

Technologies Affected

• GNU glibc 1.2.3
• GNU glibc 2.0.0
• GNU glibc 2.0.1
• GNU glibc 2.0.2
• GNU glibc 2.0.3
• GNU glibc 2.0.4
• GNU glibc 2.0.5
• GNU glibc 2.0.6
• GNU glibc 2.1.0
• GNU glibc 2.1.1
• GNU glibc 2.1.2
• GNU glibc 2.1.3
• GNU glibc 2.10
• GNU glibc 2.10.1
• GNU glibc 2.11
• GNU glibc 2.11.1
• GNU glibc 2.11.2
• GNU glibc 2.11.3
• GNU glibc 2.12
• GNU glibc 2.12.1
• GNU glibc 2.12.2
• GNU glibc 2.13
• GNU glibc 2.14
• GNU glibc 2.14.1
• GNU glibc 2.15
• GNU glibc 2.16
• GNU glibc 2.17
• GNU glibc 2.18
• GNU glibc 2.19
• GNU glibc 2.2.0
• GNU glibc 2.2.1
• GNU glibc 2.2.2
• GNU glibc 2.2.3
• GNU glibc 2.2.4
• GNU glibc 2.2.5
• GNU glibc 2.20
• GNU glibc 2.21
• GNU glibc 2.22
• GNU glibc 2.23
• GNU glibc 2.24
• Oracle Fujitsu M10-1 Server XCP 2230
• Oracle Fujitsu M10-1 Server XCP 2271
• Oracle Fujitsu M10-1 Server XCP 2280
• Oracle Fujitsu M10-1 Server XCP 2290
• Oracle Fujitsu M10-1 Server XCP 2320
• Oracle Fujitsu M10-1 Server XCP 2360
• Oracle Fujitsu M10-1 Server XCP 3050
• Oracle Fujitsu M10-1 Server XCP 3052
• Oracle Fujitsu M10-1 Server XCP 3053
• Oracle Fujitsu M10-1 Server XCP 3060
• Oracle Fujitsu M10-4 Server XCP 2230
• Oracle Fujitsu M10-4 Server XCP 2271
• Oracle Fujitsu M10-4 Server XCP 2280
• Oracle Fujitsu M10-4 Server XCP 2290
• Oracle Fujitsu M10-4 Server XCP 2320
• Oracle Fujitsu M10-4 Server XCP 2360
• Oracle Fujitsu M10-4 Server XCP 3050
• Oracle Fujitsu M10-4 Server XCP 3052
• Oracle Fujitsu M10-4 Server XCP 3053
• Oracle Fujitsu M10-4 Server XCP 3060
• Oracle Fujitsu M10-4S Server XCP 2230
• Oracle Fujitsu M10-4S Server XCP 2271
• Oracle Fujitsu M10-4S Server XCP 2280
• Oracle Fujitsu M10-4S Server XCP 2290
• Oracle Fujitsu M10-4S Server XCP 2320
• Oracle Fujitsu M10-4S Server XCP 2360
• Oracle Fujitsu M10-4S Server XCP 3050
• Oracle Fujitsu M10-4S Server XCP 3052
• Oracle Fujitsu M10-4S Server XCP 3053
• Oracle Fujitsu M10-4S Server XCP 3060
• Oracle Fujitsu M12-1 Server XCP 2230
• Oracle Fujitsu M12-1 Server XCP 2290
• Oracle Fujitsu M12-1 Server XCP 2320
• Oracle Fujitsu M12-1 Server XCP 2360
• Oracle Fujitsu M12-1 Server XCP 3000
• Oracle Fujitsu M12-1 Server XCP 3050
• Oracle Fujitsu M12-1 Server XCP 3052
• Oracle Fujitsu M12-1 Server XCP 3053
• Oracle Fujitsu M12-1 Server XCP 3060
• Oracle Fujitsu M12-2 Server XCP 2230
• Oracle Fujitsu M12-2 Server XCP 2290
• Oracle Fujitsu M12-2 Server XCP 2320
• Oracle Fujitsu M12-2 Server XCP 2360
• Oracle Fujitsu M12-2 Server XCP 3000
• Oracle Fujitsu M12-2 Server XCP 3050
• Oracle Fujitsu M12-2 Server XCP 3052
• Oracle Fujitsu M12-2 Server XCP 3053
• Oracle Fujitsu M12-2 Server XCP 3060
• Oracle Fujitsu M12-2S Server XCP 2230
• Oracle Fujitsu M12-2S Server XCP 2290
• Oracle Fujitsu M12-2S Server XCP 2320
• Oracle Fujitsu M12-2S Server XCP 2360
• Oracle Fujitsu M12-2S Server XCP 3000
• Oracle Fujitsu M12-2S Server XCP 3050
• Oracle Fujitsu M12-2S Server XCP 3052
• Oracle Fujitsu M12-2S Server XCP 3053
• Oracle Fujitsu M12-2S Server XCP 3060
• Oracle Linux 7.0

Recommendations

Block external access at the network boundary, unless external parties require service.
Allow only trusted hosts and networks to connect to computers running the affected software. This will limit the potential for remote attackers to exploit this issue.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to malformed requests and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Updates are available. Please see the references or vendor advisory for more information.