iTWire - Systemd flaw leaves many Linux distros open to attack

A flaw in systemd, the init system used on many Linux systems, can be exploited using a malicious DNS query to either crash a system or to run code remotely.

The vulnerability resides in the daemon systemd-resolved and can be triggered using a TCP payload, according to Ubuntu developer Chris Coulson.

This component can be tricked into allocating less memory than needed for a look-up. When the reply is bigger it overflows the buffer allowing an attacker to overwrite memory.

This would result in the process either crashing or it could allow for code execution remotely.

2 Likes

Ubuntu has released patches for its two most recent releases — 16.10 and 17.04 — to fix the issue.

Debian is yet to issue a fix, but has pointed out that systemd-resolved is not enabled by default in its latest release, Stretch. Older Debian releases like Jessie and Wheezy do not contain the vulnerable code.

Red Hat said the flaw did not affect versions of systemd shipped with Red Hat Enterprise Linux 7.

Wondering if OpenSuse or others are patched yet

A QA engineer walks into a bar and orders 1 beer, then orders 2 beers, then orders "a" beer, then orders 53736394 beers, then orders a cat, and finally "djdhsisnslsj"

4 Likes

Spot on !

Fedora already has updates for sytemd out :smiley:

2 Likes

Fedora FTW !

1 Like

was released 5 days ago and made it into stable 21 hours ago

https://bodhi.fedoraproject.org/updates/FEDORA-2017-72f0c1ea9c

1 Like

Well systemd is a flaw in and of itself. But I don't know how to replace it with openrc...

It appears it is fixed in the latest systemd package for Arch as well.

https://bugs.archlinux.org/task/54619

Linux from scratch?

1 Like

How about no?

Then why think of replacing it then? Maybe learn it's inner workings and customize (if you can) it to suit your needs

I've been using Funtoo which is just a flavor of Gentoo and it's default init system is OpenRC and I hate it. why? cause I've been using Systemd for so long that I don't want to use any other init system..

1 Like

This is why open source is awesome, fix it instead of troubleshoot it

1 Like

When I got my start in Linux, Lennart had gotten death threats and RedHat said : ... 'Hey, It's here to stay so chill' so I really didn't have a say in the matter !

What is here to stay OpenRC or systemd?

systemd.

Also this

2 Likes

systemd

I was speaking in reference to RedHat coming out with announcement it was switching to systemd several yrs ago

Go Yocto!

1 Like