[sf-lug] Verifiably critical systemd vulnerability anyone?
bliss-sf4ever at dslextreme.com
Tue Jul 20 16:37:49 PDT 2021
I am sure that this is much appreciated by the systemd users.
On 7/20/21 3:34 PM, aaronco36 wrote:
> FYI, am using a non-systemd-init Linux distro at the moment.
> Quoting OpenCVE's earlier 'CVE-2021-33910' webpage at
> https://www.opencve.io/cve/CVE-2021-33910 :
> basic/unit-name.c in systemd 220 through 248 has a Memory Allocation
> with an Excessive Size Value (involving strdupa and alloca for a
> pathname controlled by a local attacker) that results in an operating
> system crash.
> More extensively quoting Steven J. Vaughan-Nichols' more explanatory
> ZDNet article 'Nasty Linux systemd security bug revealed' at
> Qualsys has found an ugly Linux systemd security hole that can enable
> any unprivileged user to crash a Linux system. The patch is available,
> and you should deploy it as soon as possible.
> Systemd, the Linux system and service manager that has largely
> replaced init as the master Linux startup and control program, has
> always had its critics. Now, with Qualys's discovery of a new
> systemd security bug, systemd will have fewer friends. Successful
> exploitation of this newest vulnerability enables any unprivileged
> user to cause a denial of service via a kernel panic.
> In a phrase, "that's bad, that's really bad."
> As Bharat Jogi, Qualys's senior manager of Vulnerabilities and
> Signatures, wrote, "Given the breadth of the attack surface for this
> vulnerability, Qualys recommends users apply patches for this
> vulnerability immediately." You can say that again.
> Systemd is used in almost all modern Linux distributions. This
> particular security hole arrived in the systemd code in April 2015.
> It works by enabling attackers to misuse the alloca() function in a
> way that would result in memory corruption. This, in turn, allows a
> hacker to crash systemd and hence the entire operating system.
> Practically speaking, this can be done by a local attacker mounting a
> filesystem on a very long path. This causes too much memory space
> to be used in the systemd stack, which results in a system crash.
> That's the bad news. The good news is that Red Hat Product Security
> and systemd's developers have immediately patched the hole.
> There's no way to remedy this problem. While it's not present in all
> current Linux distros, you'll find it in most distros such as the
> Debian 10 (Buster) and its relatives like Ubuntu and Mint.
> Therefore, you must, if you value keeping your computers working,
> patch your version of systemd as soon as possible. You'll be glad you
> Numbered, Internally-linked References
> aaronco36 at sdf.org
> sf-lug mailing list
> sf-lug at linuxmafia.com
> SF-LUG is at http://www.sf-lug.org/
bliss - 'Nearly any fool can use a Linux computer. Many do.' After all
here I am...
a big fool but not a big enough fool to use systemd.
More information about the sf-lug