Users are urged to update as soon as possible

Feb 23, 2016 01:30 GMT  ·  By

Michael Tremer, a developer working on the open source IPFire Linux firewall project, announced on February 22, 2016, the availability of a new Core Update for the distribution.

According to the release notes, IPFire 2.17 Core Update 98 is a small bugfix release that patches the recently discovered Glibc (GNU C Library) security vulnerability, which was documented at CVE-2015-7547.

The IPFire developer informs users that Glibc is the distribution's main C library and that getaddrinfo() is its interface, which is used to resolve names into IP addresses via Domain Name System (DNS).

Attackers could exploit the process described above in a machine running the IPFire Linux firewall by sending long forged replies, which caused stack buffer overflows, while at the same time potentially injecting and executing the code.

"Due to a recently discovered security vulnerability in Glibc, we are releasing this Core Update that contains a fix for CVE-2015-7547," said Michael Tremer in the announcement. "Please reboot the system after installing the update."

IPFire is not directly exploitable by the Glibc vulnerability

The good news, however, is that the IPFire firewall itself is not directly exploitable to the infamous Glibc vulnerability, mostly thanks to its built-in DNS proxy, which automatically blocks long DNS responses.

Mr. Tremer informs all IPFire users that the DNS proxy implementation is there to protect the main IPFire server and all the operating system on the network, but only if DNS proxy is enabled.

For those who don't use DNS proxy in their IPFire machines, today's patch needs to be applied as soon as possible to fix the Glibc vulnerability. You can download IPFire 2.17 Core Update 98 right now via Softpedia or directly from the project's website.

Don't forget to reboot the server after the update!