Dangerous Systemd Bug Found in Linux
Systemd is the initialization system for most Linux operating systems. Although a small portion of the Linux community has revolted against the use of systemd, it has become the de-facto standard and has enjoyed a relatively secure lifespan to date.
Until now.
A researcher with Qualys has discovered a dangerous vulnerability (CVE-2021-33910), which could allow a local attacker to mount a filesystem to a very long mount point. Should this happen, too much memory would be used within systemd, causing a kernel panic.
This vulnerability was introduced in 2015, with commit 7410616c and involves unit_name_path_escape(), strdupa(), alloca(), malloc(), and RLIMIT_STACK).
The good news is most every Linux distribution has already made the patches to systemd available, so all you need to do is upgrade all of your systems. And although you might think there's no way your system could be vulnerable to such an attack, in this case, it is better to be safe than sorry. The only way to secure your Linux systems, at this point, is to upgrade. Once you've upgraded, make sure to reboot your systems, to ensure the changes take place.
For more information on this systemd vulnerability, check out this blog by Bharat Jogi, Sr. Manager, Vulnerabilities and Signatures, Qualys.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.