Flaw discovered in third-party code libraries used by hundreds of vendors

Among the vendors using uClibc and the uClibc variant uClibc-ng are Linksys, Netgear, Axis and Gentoo an embedded Linux distribution. This page from Ars Technica has links to the impacted devices:

Gear from Netgear, Linksys, and 200 others has unpatched DNS poisoning flaw | Ars Technica

Vendors were informed of the vulnerability in January and it became public this week.

My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.

Clive Catton MSc (Cyber Security) – by-line and other articles