Apenas alguns dias atrás, uma nova vulnerabilidade de sistema foi descoberta no Linux por Andrew Ayer, Administrador Linux e fundador da empresa de certificação SSLMate. Como reportado, o bug tem o potencial de matar vários comandos críticos, in the meantime making others unstable just by inserting the following short command:
NOTIFY_SOCKET=/run/systemd/notify systemd-notify “”.
The researcher also explained that “the bug is serious, as it allows any local user to trivially perform a denial-of-service attack against a critical system component”.
Serious Deficiencies in systemd’s Architecture
Inicialmente, the researcher thought the flaw to be of low-severity character, but later he changed his mind. The vulnerability can be quite dangerous as it highlights serious deficiencies in systemd’s architecture, Ayer told SCMagazine in an email.
De acordo com o especialista, the vulnerability shouldn’t be neglected, mainly because system replaces an increasing number of components of Linux OS.
Neste ponto, Ayer’s advice for Linux admins is to make sure that the automatic security updates are enabled so that the fix is received timely. No futuro, he suggests that Linux users start avoiding systemd’s non-standard features and to wait for a better replacement, even though it’s not clear yet what that replacement might be.
Canonical Also Addresses Flaws in Linux Kernel
Canonical has separately announced a series of fixes for previously unknown Linux Kernel vulnerabilidades. The flaws affect the Ubuntu OS.
The flaws included an unbounded recursion in Linux Kernel’s VLAN and TEB Generic Receive Offroad (GRO) processing implementation, KDE-PIM Libraries incorrectly filtering URLs, Systemd improperly handling zero-length notification messages, a use-after-free condition in Linux kernel’s TCP retransmit queue handling code, a race condition in Linux kernel’s s390 SCLP console driver, e mais.
In case the vulnerabilities are left unpatched, a remote attacker could crash the system or retrieve sensitive information. Considering the various bad outcomes, Ubuntu users should apply the patches as soon as possible.
Here’s a list of vulnerabilities in a single advisory, USN-3095-1: PHP vulnerabilities:
CVE-2016-7124 CVE-2016-7125 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-7134 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418