A New Day, An Old Bug: Linux At Risk from ‘glibc' Vulnerability
The bug has existed since 2008.
The vulnerability was first introduced in the 2008 release of glibc 2.9. According to Google, the bug allows for remote code execution. ZDNet and other outlets have reported that this open-source bug affects "a large number of Linux distributions, software and devices," because Linux applications rely on this library.
Google and Red Hat have released a patch for the vulnerability, which can be found here.
Google says that software using the getaddrinfo() library function are at risk.
The glibc
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Buy-Side Technology
BloombergGPT: Terminal giant enters the LLM race
Bloomberg has developed a large language model with the aim of improving its Terminal’s ability to provide sentiment, charting and search.
Hacked off: banks demand answers after Ion cyber attack
Clients have been left in the dark about the ransomware attack that disrupted futures trading last month.
The buy-side burden: Capturing every document, everywhere, all at once
Ensuring that buy-side firms capture all relevant disclosures from funds—especially in the private markets—can be an onerous and costly task. Accelex is aiming to change that.
Market data consumers buy the same products at massively different price points
A new study finds that asset managers are paying several times more than their peers for the same services—but why? And can it be fixed? Does it need to be?
High-frequency flap over CME’s Aurora data center
Exchange group’s migration to Google’s cloud could render HFT networks redundant
The haves and the ‘have bots’: can AI give vol forecasters an edge?
Quants at Acadian, Man Group, Northern Trust and PGIM are investigating the use of machine learning and natural language processing to improve volatility forecasts.
Ion: after the hack, the clean-up
Some clients are now using Ion systems again, but synchronizing data with CCPs could take days.
SEC’s $5M Bloomberg BVAL fine targets ‘dark magic’ in fixed income pricing
Recent actions against Bloomberg and Ice for violations relating to evaluated pricing services suggest the US regulator may be setting the stage for stricter regulations to govern the sector.
