Canonical informs Ubuntu users that it updated the systemd packages in the Ubuntu 16.10 (Yakkety Yak) and Ubuntu 17.04 (Zesty Zapus) operating systems to patch a recently discovered security issue.
The new systemd vulnerability (CVE-2017-9445) appears to affect the systemd-resolved component, which could allow a remote attacker to crash the systemd daemon by causing a denial of service or run malicious programs on the vulnerable, unpatched machines by using a specially crafted DNS response.
"In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it," reads Canonical's read more)
from Softpedia News / Linux http://ift.tt/2tZQZem
via IFTTT
Subscribe to:
Post Comments (Atom)
Playing Grand Theft Auto Inside A Neural Network’s Hallucination? It’s Possible!
Ever imagined what a Neural Network's hallucination would look like? The post Playing Grand Theft Auto Inside A Neural Network’s Halluc...
-
For over a decade, Denver-based Linux PC vendor System76 has sold some of the best Linux laptops and desktops. As the company has already en...
-
With nearly 2.5 billion active monthly users, Facebook still dominates the web as the world’s biggest social media network. Thousands of v...
-
If you are an avid smartphone user then I am damn sure that you must be using the latest keyboard by Google or any third party. The best par...
No comments:
Post a Comment