Systemd flaw leaves many Linux distros open to attack

A flaw in systemd, the init system used on many Linux systems, can be exploited using a malicious DNS query to either crash a system or to run code remotely.

The vulnerability resides in the daemon systemd-resolved and can be triggered using a TCP payload, according to Ubuntu developer Chris Coulson.

This component can be tricked into allocating less memory than needed for a look-up. When the reply is bigger it overflows the buffer allowing an attacker to overwrite memory.

This would result in the process either crashing or it could allow for code execution remotely.

The error was introduced into the systemd code in June 2015 in version 223.“A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it,” is how Coulson put it.

Many Linux distributions have adopted systemd as their default init system but some have not yet moved from the old SysV init system.

Ubuntu has released patches for its two most recent releases — 16.10 and 17.04 — to fix the issue.

Full article:

Source: iTWire – Systemd flaw leaves many Linux distros open to attack

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s