Critical systemd Vulnerability Allows Attackers to Run Malicious Code on Systems

By

The bug was introduced in 2015.

A critical vulnerability in systemd, the modern init system used in Linux systems, can potentially allow a remote attacker to execute malicious code on a system through a DNS response.

Chris Coulson of Canonical discovered the vulnerability. He explained that a malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it.

The vulnerability was supposedly introduced in systemd version 223 that was released in June 2015. According to HackerNews, “The bug is present in Ubuntu versions 17.04 and version 16.10; Debian versions Stretch (aka Debian 9), Buster (aka 10), and Sid (aka Unstable); and various other Linux distributions that use systemd.”

As expected, the open source community responded swiftly and released a patch before it could cause any harm unlike WannaCry or Petya.

Coulson reported that a patch to resolve this has been provided by Zbigniew Jędrzejewski-Szmek, along with an additional patch to implement a test. If you are running Linux, keep your systems updated.

07/05/2017
comments powered by Disqus

SysAdmin Day 2017!

  • Happy SysAdmin Day 2017!

    Download a free gift to celebrate SysAdmin Day, a special day dedicated to system administrators around the world. The Linux Professional Institute (LPI) and Linux New Media are partnering to provide a free digital special edition for the tireless and dedicated professionals who keep the networks running: “10 Terrific Tools."

Special Edition

Newsletter

Subscribe to ADMIN Update for IT news and technical tips.

ADMIN Magazine on Twitter

Follow us on twitter