Linux Systemd has been exposed to high-risk remote overflow vulnerability

Recently, the developer Chris Coulson found that in many Linux versions of the systemd initialization system has a high-risk remote overflow vulnerability (vulnerability number CVE-2017-9445), the attacker can return by including a special TCP attack load can trigger The vulnerability could lead to arbitrary code execution on Linux systems.

Systemd is the init software under Linux, mainly used to reduce the system boot time and computing overhead. All versions between Systemd 223 in June 2015 and Systemd 233 in March of this year are affected by the above vulnerabilities.

It is reported that the problem is the systemd-resolved domain name resolution service. The developer said that a malicious DNS server could use a specially crafted TCP attack load to allow systemd-resolution to allocate a small buffer, triggering the overflow vulnerability, and then executing any program in the system.

At present for the loopholes, Ubuntu has launched a corresponding patch, Debian said that although the use of loopholes in the systemd version, but the systemd-resolved service is the default value is closed, and Red Hat Red Hat Enterprise Linux 7 Using systemd 219, so it is not affected.