Important Information about GLIBC Vulnerability “GHOST” (CVE-2015-0235)

Publish Time: 2015-01-30 00:00:00 UTC+8

Last Updated: UTC+8

Status
Resolved

Description

A vulnerability of a widely used Linux library, GLIBC, has been discovered. This vulnerability allows remote attackers to execute arbitrary code. An initial investigation by Synology shows that the impact to DSM is minimal.

Details

GHOST is a vulnerability that affects the popular function-calls which are commonly used for DNS resolving. The initial investigation shows that these functions are implemented in several DSM projects.
However, because of DSM’s design, the impact of this vulnerability is minimal.
We are working on updates for the affected projects.

Update availability

To fix this security issue, please go to DSM > Control Panel > Update & Restore> DSM Update and install the latest update to protect your DiskStation from malicious attacks. Completing this update will automatically restart your system.