Developers with Canonical pushed out a handful of patches for the Linux-based operating system Ubuntu this week, including one that resolves a bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload. Chris Coulson, a software and electronics engineer with the company, discovered the vulnerability, an out-of-bounds write (CVE-2017-9445) in Ubuntu’s systemd-resolved system service. The service-an init system used in Linux distributions–is a network name resolution manager and helps provide network name resolution to local apps.
ORIGINAL SOURCE: Threatpost
The post LINUX SYSTEMD BUG COULD HAVE LED TO CRASH, CODE EXECUTION appeared first on IT SECURITY GURU.
from LINUX SYSTEMD BUG COULD HAVE LED TO CRASH, CODE EXECUTION