This morning a French researcher accidentally blew the lid on a bug a bit too early. Fortunately, patches for affected systems are already available or were made available shortly after the leak. You can find the details of the bug here.

Using a small script found on this HN thread, we can download a C program that tests the libc6 library for the vulnerability. If the library is vulnerable, it prints ‘vulnerable’. If you’re lucky, it will print ‘not vulnerable’.

Here’s a small bash script which downloads the source, compiles it and executes the test:

Here’s the one-liner I used on our infrastructure to test our systems; it downloads the test script and executes it:

After confirming that our hosts were vulnerable, here’s the one-liner I executed to patch them:

https://gist.github.com/adamenger/73c087685a7855b63ff1

After executing this on your infrastructure, the test should print ‘not vulnerable’. Keep in mind that some running programs may still have the old libc loaded, and a reboot of the system or a restart of the service may be required before they pick up the new version. You can check which programs are using libc by executing:
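One way to do that last check, as an added example that is not from the post or its gist: a process that was started before the libc6 upgrade still maps the old library file, and the kernel marks that mapping as “(deleted)” in /proc/<pid>/maps, so scanning for that tells you exactly what to restart. The function names and the sample maps lines below are my own.

```shell
#!/bin/sh
# Added example (not from the original post): after upgrading libc6, list the
# processes that still have the OLD libc mapped, i.e. the ones to restart.
# A mapping whose backing file was replaced on disk shows up in
# /proc/<pid>/maps with a "(deleted)" suffix; that is the signal used here.

# Matches a libc mapping whose file is gone, e.g.
#   ".../libc-2.19.so (deleted)"  or  ".../libc.so.6 (deleted)"
# but not other libraries such as libcrypto.
LIBC_STALE_RE='/libc(-[0-9.]+)?\.so(\.[0-9]+)? \(deleted\)$'

# maps_has_stale_libc: read one maps file on stdin; exit 0 if a replaced libc is mapped.
maps_has_stale_libc() {
    grep -E -q "$LIBC_STALE_RE"
}

# stale_libc_processes: print "<pid> <command line>" for every live process
# whose maps show a replaced libc. Needs a Linux /proc; unreadable entries are skipped.
stale_libc_processes() {
    for d in /proc/[0-9]*; do
        pid=${d#/proc/}
        if maps_has_stale_libc < "$d/maps" 2>/dev/null; then
            printf '%s %s\n' "$pid" "$(tr '\0' ' ' < "$d/cmdline" 2>/dev/null)"
        fi
    done
}

# Constructed sample excerpts of /proc/<pid>/maps, so the check can be
# demonstrated without touching the live system.
SAMPLE_STALE='7f1e8c4d4000-7f1e8c68c000 r-xp 00000000 08:01 1052789 /lib/x86_64-linux-gnu/libc-2.19.so (deleted)
7f1e8c68c000-7f1e8c88c000 ---p 001b8000 08:01 1052789 /lib/x86_64-linux-gnu/libc-2.19.so (deleted)'
SAMPLE_FRESH='7f1e8c4d4000-7f1e8c68c000 r-xp 00000000 08:01 1052790 /lib/x86_64-linux-gnu/libc-2.19.so
7f1e8c88c000-7f1e8c88d000 rw-p 00000000 00:00 0                          [stack]'

if [ "${1:-}" = "--live" ]; then
    # Real scan of the running host.
    stale_libc_processes
else
    printf '%s\n' "$SAMPLE_STALE" | maps_has_stale_libc && echo "sample 1: old libc mapped, restart needed"
    printf '%s\n' "$SAMPLE_FRESH" | maps_has_stale_libc || echo "sample 2: current libc, nothing to do"
fi
```

Run it with `--live` on a patched host to get the real list; anything it prints (including PID 1, which means a reboot) is still running the old code regardless of what the test program says.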

Security bugs like these are best taken care of before it’s too late. Within a few hours it’s almost guaranteed that we’ll start seeing this bug used to exploit systems.

Til next time,

@atom_enger