How to Fix the Bash Shellshock Vulnerability on Linux

In the previous post, we explained how to check your Linux server for the highly publicized Shellshock vulnerability in Bash. Fortunately, most, if not all, major Linux distributions have already uploaded the fix into their package management repositories. All you have to do is install the latest version. Unfortunately, there is some evidence to suggest that those updates are currently incomplete. Nevertheless, keeping it updated will thwart potential attackers. Red Hat and other companies are working at this very moment to roll out full fixes. They may even already be available by the time this article is published.

On Debian or Ubuntu distributions, run the following command to update bash:

$ sudo apt-get update && sudo apt-get install –only-upgrade bash

For Red Hat, Fedora, and CentOS, run:

# yum update bash

Once you have ensured that you have the latest version of bash, you should re-run the vulnerability check to see if your server is now safe from it.

You should not need to reboot your server or take any further action once you have completed the update. Nevertheless, over the next few days, more updates might be released as developers and system vendors learn more about the extend of the vulnerability and the types of malware that cyber criminals produce to exploit it.