USN-3466-1: systemd vulnerability
26 October 2017
systemd could be made to temporarily stop responding if it received specially crafted network traffic.
Releases
Packages
- systemd - system and service manager
Details
Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez
independently discovered that systemd-resolved incorrectly
handled certain DNS responses. A remote attacker could possibly use this
issue to cause systemd to temporarily stop responding, resulting in a
denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10
Ubuntu 17.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-3558-1: libsystemd-journal0, systemd-coredump, libsystemd-login-dev, libnss-myhostname, udev-udeb, libsystemd-journal-dev, libnss-mymachines, libgudev-1.0-0, systemd-container, libsystemd0, libnss-resolve, systemd-sysv, libudev1-udeb, libgudev-1.0-dev, libudev-dev, libsystemd-id128-0, systemd-services, python-systemd, gir1.2-gudev-1.0, udev, systemd, libudev1, libsystemd-daemon0, libsystemd-id128-dev, libsystemd-login0, libsystemd-dev, libpam-systemd, systemd-journal-remote, libsystemd-daemon-dev