CVE-2017-9445: systemd Hit By New Security Vulnerability
Written by Michael Larabel in systemd on 28 June 2017 at 07:39 AM EDT. 89 Comments
SYSTEMD --
CVE-2017-9445 is regarding a vulnerability opened by systemd that could allow malicious actors to crash the program or run programs via a specially crafted DNS response.

This "high" level security notice is regarding an out-of-bounds write in systemd-resolved that could allow a remote attacker to crash the daemon or execute arbitrary code via a DNS response. This bug has been present since systemd 223 and was still present in systemd as of yesterday. Of course, systemd-resolved must be running on the system for your system to be vulnerable.

More details via this oss-security report by a Canonical employee and this CVE report.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related systemd News
Popular News