Countless patching efforts are now under way for the years-old bug discovered in the GNU C Library this week, but organizations that use container technology shouldn’t relax just yet.
“As patches are being delivered by Linux vendors and community distributions, there’s one glaring issue at play: Who’s fixing containers?” wrote Red Hat’s Gunnar Hellekson, director of product management, and Josh Bressers, security strategist, in a blog post Friday.
Red Hat and Google independently discovered the glibc buffer-overflow bug, which opened the door to exploitation via attacker-controlled domain names, attacker-controlled DNS servers and man-in-the-middle attacks.