Security News > 2017 > June > Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response (The Hackers News)

Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response (The Hackers News)
2017-06-29 00:16

A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability, designated as CVE-2017-9445, actually resides in the 'dns_packet_new' function of 'systemd-resolved,


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/IxLHl4ssiTQ/linux-buffer-overflow-code.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2017-06-28 CVE-2017-9445 Out-of-bounds Write vulnerability in Systemd Project Systemd
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small.
network
low complexity
systemd-project CWE-787
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2602 1595 67 4328