Linux's Systemd can be pwned via an evil DNS query

[belham2]

http://www.theregister.co.uk/2017/06/29 ... dns_query/

"Don't panic, but Linux's Systemd can be pwned via an evil DNS query..........PS, Alpine users, you need to get patching, too – for other reasons"

By Shaun Nichols in San Francisco 29 Jun 2017 at 01:44

Systemd, the Linux world's favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you're affected.

Looking up a hostname from a vulnerable Systemd-powered PC, handheld, gizmo or server can be enough to trigger an attack by an evil DNS service: the software's resolved component can be fooled into allocating too little memory for a lookup response......................................................

[6502coder]

http://www.zdnet.com/article/linuxs-sys ... ver-attack

"Ubuntu maker Canonical has released a patch to address the issue....The bug, identified as CVE-2017-9445, could be used by a remote attacker to cause a denial of service in the daemon or execute arbitrary code."

"Debian developers note that the issue doesn't affected Debian Wheezy and Jessie, while Stretch and Buster are vulnerable. However, in Stretch's case, the issue is considered "minor" because systems-resolved is not enabled by default. "

[anikin]

More details here:

CVE-2017-9445
https://security-tracker.debian.org/tra ... -2017-9445

Ubuntu Security Notice USN-3341-1
https://www.ubuntu.com/usn/usn-3341-1

[anikin]

I quickly ran through the comments section of the OP article
http://www.theregister.co.uk/2017/06/29 ... _dns_query
They are not extremely thoughtful, but this one caught my attention. It explains why systemd-resolved was introduced in the first place:

John Sanders

I use systemd on all the servers I manage, out of choice. I refuse to set up non-systemd server-setups any more, it is just so vastly more pleasant to work with than the alternatives.

So, for me personally, when systemd came along, it solved all the problems I ever had with system initialization. What most systemd critics consider "bloat", I consider necessary complexity to solve a complex problem generically. You can say what you want about Poettering, but he actually realized what the problems with system initialization were and provided a working solution. I could go on for hours, but this should be a good summary.

A lot of the pushback against systemd - merited or not - is because a lot of people in charge of little parts of the bazaar have seen their pet projects cast aside by the major distros and taken over by the systemd devs. In a world where street cred is a big force in motivating people to contribute to open source being maintainer of 'x' where 'x' is part of each and every linux distro out there and then to see 'x' taken over by systemd in a fairly rough manner without any kind of co-operation between the old maintainers and the new kids on the block there are bound to be a lot of ruffled feathers. But that's not technology, that's just ego.

I find amusing that no one here is asking why systemd-resolved was introduced, or what problem was it intended to solve, read this post: https://lists.ubuntu.com/archives/ubunt ... 39350.html

[saintless]

I quickly ran through the comments section of the OP article
http://www.theregister.co.uk/2017/06/29 ... _dns_query
They are not extremely thoughtful, but this one caught my attention.

If we want to be fair this guy seems very positive about systemd. Very positive or very negative words about something always make me suspicious. And he isn't always so polite:
https://forums.theregister.co.uk/post/reply/3189561?

John Sanders
.....
I'm sick of the systemd crap people post online, out of 1000's of posts I have seen maybe 1 or 2 issues that were genuine issues with systemd, the rest was people who do not know/are not familiar with systemd and just complain when they do not know what to do when their sysv hacks don't work on systemd.

For all the hacks out there who hate systemd, create a unit, and run your fucking script from there:

/etc/systemd/system/lowgpu.service

.....

I agree with the answer below.
https://forums.theregister.co.uk/forum/ ... #c_3189112

HieronymusBloggs

"I'm sick of the systemd crap people post online, out of 1000's of posts I have seen maybe 1 or 2 issues that were genuine issues with systemd"

Presumably those "1000's" of posts were somewhere else on the internet. Most of the posts about systemd problems on this forum have been from experienced people who certainly don't need to be given a "dummy's guide" to how to write a unit file. It's Friday. Calm down and have a beer.

I have nothing against systemd but I think it wasn't ready and it is still not ready to be the default init. Unfortunately the linux world suffers the most from this systemd separation at the moment and there are no winners.

Toni

[anikin]

Toni, mon ami,

Are we on the same wavelength? Did you understand my post? It was about one and only one subject: ... why systemd-resolved was introduced in the first place

...I find amusing that no one here is asking why systemd-resolved was introduced, or what problem was it intended to solve, read this post: https://lists.ubuntu.com/archives/ubunt ... 39350.html

systemd-resolved seems to be the root cause of the vulnerability. Can we stay on topic and avoid all the empty talk about how you and I personally feel about systemd?

[saintless]

systemd-resolved seems to be the root cause of the vulnerability. Can we stay on topic and avoid all the empty talk about how you and I personally feel about systemd?

Sure Anikin, but my post is on-topic.
systemd-resolved is just the next proof to my previous post end lines. Not ready yet for default init.

Toni

[anikin]

Some useful info here:
https://superuser.com/questions/1153203 ... domly-fail