Chris Coulson, Ubuntu developer at Canonical, has found a critical vulnerability Linux that can be exploited to remotely hack machines running the popular OS. The flaw, tracked as CVE-2017-9445, resides in the Systemd init system and service manager for Linux operating systems.
A remote attacker can trigger the buffer overflow vulnerability to execute malicious code with just a malicious DNS response.
The expert has found the vulnerability in the ‘dns_packet_new‘ function of ‘systemd-resolved,’ that handles a DNS response and provides network name resolution to local applications.
A specially crafted malicious DNS response can crash ‘systemd-resolved’ program remotely every time the system tries to lookup for a hostname on an attacker-controlled DNS service.
The attacker can trigger the flaw by sending a large DNS response that triggers a buffer overflow that leads to remote code execution.
The vulnerability affects the Ubuntu versions 17.04 and version 16.10; Debian versions Stretch (aka Debian 9), Buster (aka 10) and Sid (aka Unstable); and various other Linux distributions that use Systemd.
Linux users and system administrators must update their installs as soon as possible.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware…
Rome’s La Sapienza University was hit by a cyberattack that disrupted IT systems and caused…
CISA ordered U.S. federal agencies to improve management of edge network devices and replace unsupported…
AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS attack lasting 35 seconds in Nov 2025,…
This website uses cookies.