Just a few days ago, a new systemd vulnerability in Linux was discovered by Andrew Ayer, Linux administrator and founder of the certificate company SSLMate. As reported, the bug has the potential to kill a number of critical commands while making others unstable, simply by entering the following short command:
NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
The researcher also explained that “the bug is serious, as it allows any local user to trivially perform a denial-of-service attack against a critical system component”.
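The command above passes an empty string as the notification message. The following receiver-side sketch is an added example, not code from systemd or from the researcher: it shows a datagram handler that accepts a zero-length message without aborting. It assumes newline-separated KEY=VALUE messages, uses hypothetical function names, and runs on a private socketpair with constructed sample datagrams.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Count well-formed KEY=VALUE lines in one datagram. A zero-length or
 * malformed datagram yields 0; nothing here aborts the process. */
static int count_fields(const char *buf, size_t n)
{
    int fields = 0;
    size_t start = 0;
    for (size_t i = 0; i <= n; i++) {
        if (i < n && buf[i] != '\n')
            continue;                       /* still inside the current line */
        const char *eq = memchr(buf + start, '=', i - start);
        if (eq != NULL && eq != buf + start) /* requires a non-empty key */
            fields++;
        start = i + 1;
    }
    return fields;
}

/* Drain every queued datagram from fd. On a datagram socket recv() == 0 is
 * a valid empty message, not end-of-stream, so the loop keeps going.
 * Returns the number of datagrams handled; *fields gets the parsed total. */
int drain_notifications(int fd, int *fields)
{
    char buf[4096];
    int handled = 0;
    *fields = 0;
    for (;;) {
        ssize_t n = recv(fd, buf, sizeof buf, MSG_DONTWAIT);
        if (n < 0)
            break;                          /* queue empty, or a real error */
        *fields += count_fields(buf, (size_t)n);
        handled++;
    }
    return handled;
}

/* Constructed sample traffic, including one empty datagram. */
int run_constructed_sample(int *fields)
{
    static const char *msgs[] = { "READY=1\nSTATUS=up", "", "garbage", "WATCHDOG=1" };
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0)
        return -1;
    for (size_t i = 0; i < sizeof msgs / sizeof msgs[0]; i++)
        send(sv[1], msgs[i], strlen(msgs[i]), 0);
    int handled = drain_notifications(sv[0], fields);
    close(sv[0]);
    close(sv[1]);
    return handled;
}
```

All four constructed datagrams are handled, and the empty and malformed ones contribute no fields.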
Serious Deficiencies in systemd’s Architecture
Initially, the researcher thought the flaw was of low severity, but he later changed his mind. The vulnerability can be quite dangerous as it highlights serious deficiencies in systemd’s architecture, Ayer told SCMagazine in an email.
According to the expert, the vulnerability shouldn’t be neglected, mainly because systemd replaces an increasing number of components of the Linux OS.
At this point, Ayer’s advice for Linux admins is to make sure that automatic security updates are enabled so that the fix is received in a timely manner. For the future, he suggests that Linux users start avoiding systemd’s non-standard features and wait for a better replacement, even though it’s not clear yet what that replacement might be.
Canonical Also Addresses Flaws in Linux Kernel
Canonical has separately announced a series of fixes for previously unknown Linux Kernel vulnerabilities. The flaws affect the Ubuntu OS.
The flaws included an unbounded recursion in the Linux kernel’s VLAN and TEB Generic Receive Offload (GRO) processing implementation, KDE-PIM Libraries incorrectly filtering URLs, systemd improperly handling zero-length notification messages, a use-after-free condition in the Linux kernel’s TCP retransmit queue handling code, a race condition in the Linux kernel’s s390 SCLP console driver, and more.
If the vulnerabilities are left unpatched, a remote attacker could crash the system or retrieve sensitive information. Considering the various bad outcomes, Ubuntu users should apply the patches as soon as possible.
Here’s a list of vulnerabilities in a single advisory, USN-3095-1: PHP vulnerabilities:
CVE-2016-7124 CVE-2016-7125 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-7134 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418