Your submission was sent successfully! Close

USN-3466-1: systemd vulnerability

26 October 2017

systemd could be made to temporarily stop responding if it received specially crafted network traffic.

Releases

Packages

  • systemd - system and service manager

Details

Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez
independently discovered that systemd-resolved incorrectly
handled certain DNS responses. A remote attacker could possibly use this
issue to cause systemd to temporarily stop responding, resulting in a
denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.10
Ubuntu 17.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-3558-1: libsystemd-daemon0, libnss-myhostname, systemd-container, libsystemd0, libsystemd-journal-dev, libudev-dev, systemd-sysv, systemd-journal-remote, gir1.2-gudev-1.0, libgudev-1.0-0, libsystemd-login0, systemd-coredump, udev, libsystemd-id128-dev, libsystemd-daemon-dev, systemd, systemd-services, libsystemd-journal0, libsystemd-dev, libgudev-1.0-dev, libudev1-udeb, udev-udeb, libsystemd-id128-0, libpam-systemd, libudev1, libsystemd-login-dev, libnss-resolve, libnss-mymachines, python-systemd