With various different operating systems functioning these days around the globe, the ultimate goal of the manufacturers of every operating system is to reduce the number of vulnerabilities as much as possible. Windows, Linux, Ubuntu, Android and IOS are some examples of widely used operating systems nowadays with each one of them having its pros and cons. However, the latest discovery about a very major vulnerability in Linux operating system has taken many by surprise. The discovery has opened up the fact that linux can be hacked by a mere malicious DNS response.
This vulnerability named as CVE-2017-9445 can allow hackers with no need to even physically access the device. They can exploit this vulnerability remotely and trigger a buffer overflow which allows hackers to install malicious code on any Linux device. In other words, the overwritten data is the one in which hackers can dictate their terms to harm Linux devices. This means linux can be hacked!
The service through which Linux system can be hacked has been discovered to be the service manager “Systemd”. The point of concern is the fact that this vulnerability hasn’t come under the developers’ eyes. It is present in Systemd version 223 introduced in 2015 and is present in the current version 233 as well. The discovery that linux can be hacked has caused an upheaval in the developers minds and they are continuously working to track down any further discrepancies in the system.
In simple words, the method used to exploit this vulnerability is by forcing Systemd to allocate a buffer of a very small size with the help of a malicious DNS server. A size so small that when data is written so it goes beyond its limit and all the data beyond its limit is used to maliciously attack the linux device.
According to latest updates, this bug is present in Ubuntu, Buster and other operating systems too like linux that use Systemd. However, strong steps are being taken and many updates have been introduced to counter this vulnerability and make users safe.
So, if you are a user of Linux, install those security patches and stay safe!