Note: Please go to to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > FAQs > GHOST (CVE-2015-0235)

GHOST (CVE-2015-0235)


As you may already be aware, GHOST (CVE-2015-0235) is a 'buffer overflow' bug affect the gethostbyname() and gethostbyname2() function calls in the glibc library.  RightScale has already addressed our publicly available images and environments.  Customers can address the issue on their environment using the RightScript we have published in the MultiCloud Marketplace that will test, and patch the GHOST vulnerability:

CVE-2015-0235 Ghost Vulnerability Update RightScript


To use this RightScript, you will need to import it to your RightScale account, and then run as an "Any Script" at the instance or deployment level to patch your systems.  The RightScript tests for vulnerability, if found; it bypasses frozen repos, updates glibc, and then restores the original frozen repos.  After the patch is complete, you may need to restart other services that rely on glibc in order for the patch go into effect.


Official CVE:


You must to post a comment.
Last modified
08:27, 29 Jan 2015


This page has no custom tags.


This page has no classifications.



© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.