CVE-2015-0235

Publication date 27 January 2015

Last updated 24 July 2024


Ubuntu priority

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Status

Package Ubuntu Release Status
eglibc 14.10 utopic Not in release
14.04 LTS trusty
Not affected
12.04 LTS precise
Fixed 2.15-0ubuntu10.10
10.04 LTS lucid
Fixed 2.11.1-0ubuntu7.20
glibc 14.10 utopic
Not affected
14.04 LTS trusty Not in release
12.04 LTS precise Not in release
10.04 LTS lucid Not in release