Critical systemd Vulnerability Allows Attackers to Run Malicious Code on Systems
A critical vulnerability in systemd, the modern init system used in Linux systems, can potentially allow a remote attacker to execute malicious code on a system through a DNS response.
Chris Coulson of Canonical discovered the vulnerability. He explained that a malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.
The vulnerability was supposedly introduced in systemd version 223 that was released in June 2015. According to HackerNews, “The bug is present in Ubuntu versions 17.04 and version 16.10; Debian versions Stretch (aka Debian 9), Buster (aka 10), and Sid (aka Unstable); and various other Linux distributions that use systemd.”
As expected, the open source community responded swiftly and released a patch before it could cause any harm unlike WannaCry or Petya.
Coulson reported that a patch to resolve this has been provided by Zbigniew Jędrzejewski-Szmek, along with an additional patch to implement a test. If you are running Linux, keep your systems updated.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.