A serious vulnerability in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials.

During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname() functions. Applications have access to the DNS resolver primarily through the gethostbyname() set of functions. These functions convert a hostname into an IP address.

This is for the Debian :)

vu

To Check if you are affected 

You can download the file from  this link

wget

roo

ro

If you are VULNERABLE, you’ll get an output like

v

If you are not, it will show as 

notvull

To FIX:- 

Check what are the packages are vulnerable using the dpkg command and update it.

lb11

apt

And check if its updated by running the dpkg command.

7

Then you need to restart the services.  To find which services you need to restart, try the below command

lsof