Chris Coulson, an Ubuntu developer at Canonical, found a critical vulnerability that can be used to remotely attack machines running popular operating systems. The vulnerability, CVE-2017-9445, is located in the systemd init system and service manager.
A remote attacker can trigger a buffer overflow via a malicious DNS response and use it to execute malicious code.
Experts found that the vulnerability is in the 'dns_packet_new' function of 'systemd-resolved', the component that processes DNS responses and provides network name resolution to local applications. Whenever the system attempts to look up a host name on a DNS service the attacker controls, a specially crafted malicious DNS response can remotely crash the 'systemd-resolved' program.
An attacker can send a large DNS response to trigger the vulnerability, causing a buffer overflow that leads to remote code execution.
"Certain sizes passed to dns_packet_new can cause it to allocate a buffer that is too small. A page-aligned number - sizeof(DnsPacket) + sizeof(iphdr) + sizeof(udphdr) will do this, so on x86 this will be a page-aligned number - 80. For example, calling dns_packet_new with a size of 4016 on x86 will lead to an allocation of 4096 bytes, but 108 bytes of this are for the DnsPacket structure," Coulson explained.
A malicious DNS server can exploit this with a specially crafted TCP payload, causing systemd-resolved to allocate a buffer that is too small and then write arbitrary data past it.
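The size arithmetic in Coulson's explanation, worked through as an added example (this is not systemd's source code and not part of the original article). It assumes a simplified model in which the requested size is treated as an MTU, so the 28-byte IP+UDP header length is subtracted before page rounding; the function names are hypothetical, and 4096, 108 and 4016 are the x86 figures quoted above.

```c
#include <stddef.h>
#include <stdio.h>

/* Figures from the quoted explanation (x86). */
#define PAGE_SIZE_X86 4096u /* page size */
#define DNSPACKET_HDR 108u  /* sizeof(DnsPacket) as quoted */
#define IP_UDP_HDR    28u   /* sizeof(iphdr) 20 + sizeof(udphdr) 8 */

static size_t page_align(size_t n) {
    return (n + PAGE_SIZE_X86 - 1) / PAGE_SIZE_X86 * PAGE_SIZE_X86;
}

/* Model of the flawed sizing (assumption): the requested size is treated
 * as an MTU, so the IP+UDP header length is subtracted before rounding. */
size_t flawed_alloc(size_t size) {
    size_t data = size > IP_UDP_HDR ? size - IP_UDP_HDR : 0;
    return page_align(DNSPACKET_HDR + data);
}

/* Bytes of an allocation left for DNS data after the struct header. */
size_t data_capacity(size_t alloc) { return alloc - DNSPACKET_HDR; }

/* Bytes that land past the allocation when `size` bytes are copied in. */
size_t overflow_bytes(size_t size) {
    size_t cap = data_capacity(flawed_alloc(size));
    return size > cap ? size - cap : 0;
}

/* Hardened sizing (illustrative): reserve header plus the full payload. */
size_t safe_alloc(size_t size) { return page_align(DNSPACKET_HDR + size); }

int main(void) {
    size_t sizes[] = { 512, 4016, 4017, 8112 }; /* constructed inputs */
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        size_t s = sizes[i];
        printf("size=%zu alloc=%zu capacity=%zu overflow=%zu safe_alloc=%zu\n",
               s, flawed_alloc(s), data_capacity(flawed_alloc(s)),
               overflow_bytes(s), safe_alloc(s));
    }
    return 0;
}
```

Under this model a size of 4016 gets a 4096-byte allocation with only 3988 bytes of data capacity, leaving 28 bytes outside the buffer, while 4017 rounds up to the next page and fits.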
The defect was introduced in systemd version 223, released in June 2015, and affects every later version up to and including systemd version 233, released in March 2017.
The vulnerability affects Ubuntu 17.04 and 16.10; Debian Stretch (also known as Debian 9), Buster (also known as Debian 10) and Sid (also known as Unstable); and various other Linux distributions that use systemd.
Linux users and system administrators must update their operating systems as soon as possible.