Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in the Systemd init system and service manager for Linux operating systems.
A remote attacker can trigger the buffer overflow vulnerability to execute malicious code with just a malicious DNS response.
The expert has found the vulnerability in the ‘dns_packet_new‘ function of ‘systemd-resolved,’ that handles a DNS response and provides network name resolution to local applications.
A specially crafted malicious DNS response can crash ‘systemd-resolved’ program remotely every time the system tries to lookup for a hostname on an attacker-controlled DNS service.
The attacker can trigger the flaw by sending a large DNS response that triggers a buffer overflow that leads to remote code execution.
The vulnerability affects the Ubuntu versions 17.04 and version 16.10; Debian versions Stretch (aka Debian 9), Buster (aka 10) and Sid (aka Unstable); and various other Linux distributions that use Systemd.
Linux users and system administrators must update their installs as soon as possible.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.