mhbell Posted June 29, 2017 Share Posted June 29, 2017 In January 2017, security researcher Sebastian Krahmer found a bug in Linux systems which could be exploited to grant cyber-attackers root access to a targeted machine. On June 27 2017, software engineer Chris Coulson reported a different systems vulnerability. The CVE-2017-9445 bug can be exploited by cyber-attackers with TCP packets that trick the systemd initialization daemon to enable the execution of malicious code, or trigger system crashes. CLick Here for More Quote Link to comment Share on other sites More sharing options...
securitybreach Posted June 29, 2017 Share Posted June 29, 2017 That's what great about linux and open source, bugs are found and fixed promptly. Arch was patched yesterday Quote Link to comment Share on other sites More sharing options...
abarbarian Posted June 30, 2017 Share Posted June 30, 2017 Good find. Nice that it has been patched for Arch so quickly. It does highlight the inherent flaw in the use of systemd as a controller for almost all of the processes used to run a system. Find a crack in it and you have the possibility to access the whole system.Good job there are folk out in the wild looking after our safety. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted June 30, 2017 Share Posted June 30, 2017 Good find. Nice that it has been patched for Arch so quickly. It does highlight the inherent flaw in the use of systemd as a controller for almost all of the processes used to run a system. Find a crack in it and you have the possibility to access the whole system.Good job there are folk out in the wild looking after our safety. Well the same could be said for sysinit as well. I know that systemd manages more but once you are root, you can manage all you like no matter what you use.. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.