Security News > 2017 > June > Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response (The Hackers News)
2017-06-29 00:16
A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability, designated as CVE-2017-9445, actually resides in the 'dns_packet_new' function of 'systemd-resolved,
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/IxLHl4ssiTQ/linux-buffer-overflow-code.html
Related news
- Magnet Goblin hackers use 1-day flaws to drop custom Linux malware (source)
- Hackers leverage 1-day vulnerabilities to deliver custom Linux malware (source)
- Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware (source)
- Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver (source)
- Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-28 | CVE-2017-9445 | Out-of-bounds Write vulnerability in Systemd Project Systemd In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. | 5.0 |