USN-5583-1: systemd vulnerability
29 August 2022
systemd could be made to crash or run programs if it received specially crafted DNS request.
Releases
Packages
- systemd - system and service manager
Details
It was discovered that systemd incorrectly handled certain DNS requests,
which leads to user-after-free vulnerability. An attacker could possibly use
this issue to cause a crash or execute arbitrary code. (CVE-2022-2526)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5583-2: systemd-coredump, libnss-resolve, libudev-dev, systemd-sysv, udev, libsystemd-dev, libnss-mymachines, systemd-container, systemd, libnss-systemd, systemd-journal-remote, libsystemd0, libpam-systemd, libnss-myhostname, libudev1, systemd-tests