A serious vulnerability in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials.
During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname() functions. Applications have access to the DNS resolver primarily through the gethostbyname() set of functions. These functions convert a hostname into an IP address.
This is for the Debian :)
To Check if you are affected
You can download the file from this link
If you are VULNERABLE, you’ll get an output like
If you are not, it will show as
Check what are the packages are vulnerable using the dpkg command and update it.
And check if its updated by running the dpkg command.
Then you need to restart the services. To find which services you need to restart, try the below command