GHOST glibc vulnerability (CVE-2015-0235): is it required restart a server after glibc upgrade?

Solution 1:

A restart is not technically required, because only programs which use glibc need to be restarted, and the kernel does not use glibc.

That being said, restarting everything that uses glibc is sufficiently broad that you might as well just reboot.

For example, /sbin/init uses glibc. However restarting it is trivial (run init u as root).

Solution 2:

If you are happy with manually restarting individual services that are using the vulnerable library, you can run this command and restart the listed processes:

# lsof | awk '/libc-/ {print $1}' | sort -u

You will probably find it will be easier to restart the machine entirely.

Solution 3:

Yes, so the processes that depend on the old version of glibc start again with the new version of the library. Statically linked programs also need to be recompiled for this reason.