USN-3806-1: systemd vulnerability
5 November 2018
systemd-networkd could be made to crash or run programs if it received specially crafted network traffic.
Releases
Packages
- systemd - system and service manager
Details
Felix Wilhelm discovered that the systemd-networkd DHCPv6 client
incorrectly handled certain DHCPv6 messages. In configurations where
systemd-networkd is being used, an attacker on the same network could use
this issue to cause systemd-networkd to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10
Ubuntu 18.04
Ubuntu 16.04
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-3807-1: libnm-glib4, network-manager, network-manager-dev, libnm0, network-manager-config-connectivity-debian, libnm-glib-vpn-dev, libnm-glib-vpn1, libnm-util-dev, libnm-util2, gir1.2-networkmanager-1.0, libnm-dev, network-manager-config-connectivity-ubuntu, libnm-glib-dev, gir1.2-nm-1.0