Casa > cibernético Notícias > CVE-2017-15908: Bug systemd Coloca Linux em risco de ataques de negação de serviço
CYBER NEWS

CVE-2017-15908: Bug systemd Coloca Linux em risco de ataques de negação de serviço

Os usuários do Linux, ter cuidado. Um número de distribuições Linux estão em risco devido a um bug no systemd. A falha está localizado na resolvedor DNS do systemd e poderia levar a ataques de negação de serviço (DoS) ataques a sistemas afetados, pesquisadores TrendMicro avisá. The vulnerability is identified as CVE-2017-15908:

In systemd 223 através 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the ‘systemd-resolvedservice and cause a DoS of the affected service.

disse brevemente, systemd is an init system used in most Linux distributions to bootstrap the user space and manage all processes subsequently, instead of the UNIX System V or Berkeley Software Distribution (BSD) init systems. The name systemd follows the Unix convention of naming daemons by appending the letter d.

Story relacionado: Proteger o seu dispositivo Linux a partir de Exploits e Malware

CVE-2017-15908 ExplainedHow It Is Triggered

Pelo visto, there are many ways to get the user to query a DNS server under the control of a hacker. The easiest way to do this however is to make the user visit a hacker-controlled domain, TrendMicro explica. This is done by implementing social engineering techniques or with the help of specific malware.

CVE-2017-15908 was discovered in July and was reported to the corresponding vendors almost immediately. Curiosamente, independent researchers discovered the same flaw in October and reported it to Canonical. Fixes were quickly released to the affected Linux distros. Researchers say that no attacks against this flaw have been registered in the wild.

As for the flaw itself, it stems from the processing of the bits that represent pseudo-types in the NSEC bitmap.

Mitigation Against CVE-2017-15908

Felizmente, there are fixes already available for this flaw. It is highly recommended that the patches are applied as soon as possible. System admins can also opt to block potentially malicious packets manually. As advised by researchers, DNS responses should be checked to see if they contain resource records as specified in section 4 of RFC 4034.

Story relacionado: Systemd e Ubuntu Endereço múltipla Linux Vulnerabilities

Another systemd vulnerability that could lead to a denial-of-service attack was discovered in Linux in October 2016. As reported back then, the bug had the potential to kill a number of critical commands, in the meantime making others unstable just by inserting the NOTIFY_SOCKET=/run/systemd/notify systemd-notify “” comando.

The bug was quite serious, as it allowed any local user to trivially perform a denial-of-service attack against a critical system component”.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...