Impact of the GNU glibc gethostbyname Function Buffer Overflow “GHOST” Vulnerability on EMC Isilon OneFS

The “Ghost” vulnerability (CVE-2015-0235) in the gethostbyname functions of the GNU C Library (glib), which is commonly found in Linux based operating systems, affects applications calling this function. In some special instances, the successful exploitation of this vulnerability could allow an attacker to perform remote code execution on a targeted system.

Following the release of this vulnerability, we immediately initiated a review of EMC Information Infrastructure and RSA products to assess any potential impact. We have published knowledgebase articles on our customer accessible support websites that reflect the most up to date information from our review along with remediation plans, where needed.

For information on EMC products, including Isilon OneFS, please visit and bookmark KB article 197461 (log in to the EMC Online Support site is required).

We will continue to update the information as our review and remediation continues using our standard customer communication channels, such as the KB article above, and at the EMC Product Security Blog.

If customers have trouble accessing the articles, they can reach out to EMC support at

About the Author: Kirsten Gantenbein