According to the researchers, the vulnerability exists since 2008 when it was introduced in GNU C Library.
The bug also leaves home routers and other Internet of Things (IoT) devices vulnerable to attacks.
All versions of glibc after 2.9 are vulnerable.
The glibc dev team has released anupdate that patches the vulnerability.
Anyone who is in a position to update should do so as soon as possible.
A local resolver (that drops non-compliant responses).
Avoid dual A and AAAA queries (avoids buffer management error) e.g.Do not use AF_UNSPEC.
Mitigating factors for TCP include: Limit all replies to 1024 bytes.
Disabling IPv6 does not disable AAAA queries.
The use of AF_UNSPECunconditionally enables the dual query.
Blocking IPv6 at a local or intermediate resolver does not work toprevent the exploit.
Red Hat officials have more informationhere.
source: www.techworm.net
