Systemd Vulnerable to DNS Attacks

Systemd, the Linux world’s favorite init monolith, can potentially be crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you’re affected.

“A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it,” said Chris Coulson, of Ubuntu maker Canonical, who discovered the out-of-bounds write in systemd-resolved.

The bug was introduced in systemd version 223 in 2015 and affects all versions through to version 233.

Ubuntu developer Canonical has addressed the vulnerability and released a fix for Ubuntu 17.04 and Ubuntu 16.10. According to Red Hat, the vulnerability doesn’t affect the versions of systemd that are used in Red Hat Enterprise Linux 7. Debian responded to the CVE-2017-9445 report by explaining that their distributions use the vulnerable versions of systemd, but it’s not a concern for them because the affected systemd-resolved service is disabled by default.
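
A triage check built from the two facts above (affected upstream versions 223 through 233, and exposure only where systemd-resolved is in use), as an added example that is not from the original article or the systemd project. The function names and result labels are made up for illustration. Distributions backport fixes without changing the upstream version number, so an in-range result means "confirm the vendor's fixed package is installed", not "vulnerable".

```shell
#!/bin/sh
# Added example (not from the article or the systemd project): exposure triage
# for CVE-2017-9445. Function names and result labels are illustrative.

# Pull the upstream version from the first line of `systemctl --version`,
# e.g. "systemd 232" -> 232.
parse_systemd_version() {
    printf '%s\n' "$1" | sed -n '1s/^systemd \([0-9][0-9]*\).*/\1/p'
}

# The article gives the affected range as 223 through 233 inclusive.
version_in_affected_range() {
    case "$1" in ''|*[!0-9]*) return 2 ;; esac
    [ "$1" -ge 223 ] && [ "$1" -le 233 ]
}

# classify_exposure VERSION_OUTPUT IS_ENABLED_OUTPUT IS_ACTIVE_OUTPUT
# If the resolver is enabled or running on an in-range version, the next step
# is to confirm the distribution's fixed package is installed.
classify_exposure() {
    ver=$(parse_systemd_version "$1")
    if [ -z "$ver" ]; then echo "unknown"; return 0; fi
    if ! version_in_affected_range "$ver"; then echo "not-in-range"; return 0; fi
    case "$2:$3" in
        enabled*:*|*:active) echo "in-range-resolved-on" ;;
        *)                   echo "in-range-resolved-off" ;;
    esac
}

# Query the local host; "|| true" because is-enabled/is-active exit non-zero
# when the unit is disabled or stopped.
check_host() {
    command -v systemctl >/dev/null 2>&1 || { echo "unknown"; return 0; }
    out=$(systemctl --version 2>/dev/null) || true
    en=$(systemctl is-enabled systemd-resolved 2>/dev/null) || true
    ac=$(systemctl is-active systemd-resolved 2>/dev/null) || true
    classify_exposure "$out" "$en" "$ac"
}

if [ "${1:-}" = "--check" ]; then check_host; fi
```

Run the script with `--check` on the host being assessed; a result of `in-range-resolved-off` matches the Debian default described above.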
