Rocky Linux recently addressed a significant vulnerability in the GNU C Library (glibc), identified as CVE-2024-2961, which particularly affects servers running PHP. The vulnerability is notable because it could potentially allow attackers to execute arbitrary code on affected systems.
In response, Rocky Linux has provided a temporary solution to mitigate the risks associated with this security flaw. The details of the vulnerability and the interim measures to counteract it were published on April 22, 2024, emphasizing the proactive steps taken by the Rocky Linux community to secure users’ environments.
Since the latest version of glibc (v2.40) is still in the beta phase, Rocky Linux has offered a simple interim fix. They also provide a diagnostic test to determine if your server is affected.
Note that, as a rule of thumb, you should assume all versions of glibc 2.39 or earlier are potentially affected by this vulnerability.
For more information on this topic and to stay updated with the latest news from Rocky Linux, you can visit their official news section.