LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-18-2019, 08:39 PM   #1
hemlocktree
Member
 
Registered: Aug 2018
Location: Northern Exposure
Distribution: 3 Bodhi 5's & 1 debian 9.8 LXDE
Posts: 491

Rep: Reputation: 208Reputation: 208Reputation: 208
systemd vulnerability


https://usn.ubuntu.com/3891-1/
 
Old 02-19-2019, 08:00 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 14,630
Blog Entries: 24

Rep: Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056
I note that it requires local access to the machine.

Quote:
It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service (kernel panic).
Not something I find particularly alarming. If the bad guy is sitting at your computer mucking with it, you've got problems with Systems A, B, and C, not just with SystemD.
 
Old 02-19-2019, 11:01 PM   #3
hemlocktree
Member
 
Registered: Aug 2018
Location: Northern Exposure
Distribution: 3 Bodhi 5's & 1 debian 9.8 LXDE
Posts: 491

Original Poster
Rep: Reputation: 208Reputation: 208Reputation: 208
i just saw it and figured i'd post it. not making any claims.patch or not patch - that is up to you.
 
Old 02-20-2019, 09:09 PM   #4
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 14,630
Blog Entries: 24

Rep: Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056Reputation: 4056
Given that the flaw requires local access to the machine, I'm willing to wait for my SystemD-using distros to issue updates.

If I had computers out in the open where third parties could access them, say in an office or a library, I might react differently, but I'm just a home user with locks on the doors.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
systemd vulnerability fix hemlocktree Bodhi 2 02-19-2019 09:35 AM
vulnerability scanning using NMAP on CVE-2014-0322 vulnerability,check vulnerable meeiyoke Linux - Security 2 06-06-2014 05:09 PM
vulnerability scanning using NMAP on CVE-2014-0322 vulnerability,check vulnerable . meeiyoke Linux - Newbie 1 06-06-2014 12:14 PM
Boot Delay 30min: systemd-analyze blame systemd-tmpfiles-setup.service BGHolmes Fedora 0 07-27-2011 09:02 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration