1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google discloses serious Linux stack-buffer overflow bug in widely used C library

Discussion in 'Network World' started by RSS, Feb 17, 2016.

  1. RSS

    RSS New Member Member

    A Google security engineer studying an SSH connection to a host unexpectedly discovered a deeper, darker secret in the GNU C Library (glibc). Google later proved that a bug in this library could be used to remotely execute code and cause a stack-buffer overflow condition. Though most Linux operating systems are protected from such an attack by address space layout randomization (ASLR), Google security engineers were able to circumvent this mitigation method.

    SSH is the Linux secure shell that provides an encrypted remote channel for authentication and a command line interface. The glibc library defines the system calls and other basic facilities used by many Linux distributions that C programs use to interact with the OS.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page