Does DigitalOcean have any advice on the urgent Stack Clash vulnerability?

Thanks for posting these instructions.

For Ubuntu 14.04 you’ll see this:

libc6:
  Installed: 2.19-0ubuntu6.13
  Candidate: 2.19-0ubuntu6.13
 *** 2.19-0ubuntu6.13 0
        500 http://mirrors.digitalocean.com/ubuntu/ trusty-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
        100 /var/lib/dpkg/status
     2.19-0ubuntu6 0
        500 http://mirrors.digitalocean.com/ubuntu/ trusty/main amd64 Packages

Two CVEs were issued for this vulnerability:

• CVE-2017-1000364 for the Linux kernel (Ubuntu, Debian )
• CVE-2017-1000366 for glibc (Ubuntu, Debian)

Ubuntu and Debian have already rolled out security updates to the libc6 package. The fixed versions are:

You can check which version of the package is installed and if the fixed version is available by running:

sudo apt-get update
apt-cache policy libc6

The output will look like:

libc6:
  Installed: 2.24-11
  Candidate: 2.24-11+deb9u1
  Version table:
     2.24-11+deb9u1 500
        500 http://security.debian.org stretch/updates/main amd64 Packages
 *** 2.24-11 500
        500 http://mirrors.digitalocean.com/debian stretch/main amd64 Packages
        100 /var/lib/dpkg/status

This shows me that I have the vulnerable version (2.24-11) installed, but can install the fixed version (2.24-11+deb9u1) by running an upgrade.