Systemd causes insecurity on servers thanks to a bug in dns_packet_new

Joaquin García

2 minutes

Server farm

Over the past few days, system and server administrators have been more stressed than usual. The reason for this is called Systemd, an application that most distributions have and that has caused a significant security hole in the servers.

The problem lies in the dns_packet_new package, a package in charge of the dns within Systemd that has sown discord and concern among many servers.

The management of dns by Systemd has caused a security hole in the servers

The bug in Systemd is due to the dns_packet_new package creating a very small memory buffer that can be easily overflowed and after that the attacker can take advantage of it to take control of the machine. It is a serious security hole and affects all distributions that have Systemd, unless they have a version equal to or later than Systemd 233, which has clearly sparked panic in some. It must be remembered that Gnu / Linux is the most used system within servers, already passing 90% of the computers that have this operating system.

Currently, many distributions are sending packages that correct this vulnerability, so it seems that by the end of this week, the most of the servers will be out of harm's way, but in some specific cases it will be necessary to wait a little time, with the consequent risk.

Systemd has brought controversy to the Gnu / Linux world for months. First with the arrival and use of the system to certain distributions and now with security holes. In any case, it is true that many distributions go ahead with this system and only correct the bugs that appear. But there are also alternatives that do not use systemd, in case you are thinking of changing the distribution.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Luis said
    ago 7 years

    Devuan is your salvation.

    Reply to Luis
  2.   Raul said
    ago 7 years

    this is not new!
    systemd is full of buds, this is not the only one.
    it has been actively and passively warned about the consequences of having a complex meta-package that dominates almost everything, such as systemd.
    but people want speed in modernity without measuring the consequences well
    The truth is that I prefer the traditional starter scrypts, and the innovations that come more slowly than there is no rush. without breaking that Unix premise (do one thing and do it well)
    that's why I use Slackware.

    Reply to Raul
    1.    bubexel said
      ago 7 years

      But linux is not unix.

      Reply to Bubexel