Systemd, the Linux world’s favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you’re affected.
“A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it,”
- Chris Coulson, of Ubuntu maker Canonical, who discovered the out-of-bounds write in systemd-resolved.
The bug was introduced in systemd version 223 in 2015 and affects all versions through to version 233.
Ubuntu developer Canonical has addressed the vulnerability and released a fix for Ubuntu 17.04 and Ubuntu 16.10. According to Red Hat, the vulnerability doesn’t affect the versions of systemd that are used in Red Hat Enterprise Linux 7. Debian responded to the CVE-2017-9445 report by explaining that their distributions use the vulnerable versions of systemd, but it’s not a concern for them because the affected systemd-resolved service is disabled by default.