Guard against “GHOST” vulnerability


A new vulnerability in the Linux GNU C Library (glibc), identified in advisory CVE-2015-0235 and known as GHOST, exposes a buffer overflow weakness which allows unauthorized users to execute arbitrary codes via the gethostbyname( ) and gethosbyname2( ) functions on Linux systems, resulting in potential data theft or system intrusion.


Zyxel is well aware of the vulnerability and assures customers that only a limited number of products embedded with the affected glibc are affected, as listed in the table below. However, Zyxel also assures all customers behind these products will be protected by up-to-date IDP signature support. The vulnerability has been proven less likely to be exploited in real-life scenarios.


A firmware plan for the affected models is scheduled for release in the first week of March. Zyxel recommends that all customers upgrade device firmware to the latest available version for optimal network protection. This advisory will be updated when additional information becomes available. Please contact your local sales or service representatives if you require further information.


Products applied

Product Firmware Update Schedule
USG Series 1st week of March, 2015
ZyWALL Series 1st week of March, 2015