Dangerous Systemd Bug Found in Linux


A systemd bug has been discovered that could cause a kernel panic, allowing attackers to bring down a Linux machine.

Systemd is the initialization system for most Linux operating systems. Although a small portion of the Linux community has revolted against the use of systemd, it has become the de-facto standard and has enjoyed a relatively secure lifespan to date.

Until now.

A researcher with Qualys has discovered a dangerous vulnerability (CVE-2021-33910), which could allow a local attacker to mount a filesystem to a very long mount point. Should this happen, too much memory would be used within systemd, causing a kernel panic. 

This vulnerability was introduced in 2015, with commit 7410616c and involves unit_name_path_escape(), strdupa(), alloca(), malloc(), and RLIMIT_STACK).

The good news is most every Linux distribution has already made the patches to systemd available, so all you need to do is upgrade all of your systems. And although you might think there's no way your system could be vulnerable to such an attack, in this case, it is better to be safe than sorry. The only way to secure your Linux systems, at this point, is to upgrade. Once you've upgraded, make sure to reboot your systems, to ensure the changes take place.

For more information on this systemd vulnerability, check out this blog by Bharat Jogi, Sr. Manager, Vulnerabilities and Signatures, Qualys.


Related content

comments powered by Disqus