A Systemd Vulnerability Allows Attackers Hack Linux Machines via Malicious DNS response

  • 459
  •  
  •  
  •  
  •  
  •  
  •  
    459
    Shares

The flaw has been discovered by Chris Coulson (Canonical developer) in Systemd, which is an init system used in Linux distributions to bootstrap the user space and manage all processes subsequently, instead of the UNIX System V or Berkeley Software Distribution (BSD) init systems. The vulnerability could enable remote attackers to probably trigger a buffer overflow bug to execute malicious code on the targeted Linux systems via a DNS packet (response).

“A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that’s too small, and subsequently write arbitrary data beyond the end of it,”

The flaw enables an attacker to crash the system or write data to memory, enabling him to execute malicious code on the target’s machine. Hackers can take advantage of this security issue to hijack systemd instances, which due to their level of access would enable an attacker to take over the whole machine.

“A patch to resolve this has been provided by Zbigniew Jędrzejewski-Szmek, along with an additional patch to implement a test.”

Linux users and system administrators are recommended to install the latest security updates ASAP to patch this vulnerability and stay secure.

The following two tabs change content below.
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Do NOT follow this link or you will be banned from the site!