Re: Remotely exploitable bug in systemd (CVE-2017-9445)

To: debian-user@lists.debian.org
Subject: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
From: davidson@freevolt.org
Date: Sun, 2 Jul 2017 20:08:39 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.10.1707022004590.31434@freevolt.org>
In-reply-to: <[🔎] 884f797c-43db-6c9d-4b78-1eb2814b9969@gmail.com>
References: <[🔎] 20170701163641.0567492f@jabberwock.cb.piermont.com> <[🔎] 87r2xzzwgz.fsf@turtle.gmx.de> <[🔎] db6d7332-a79d-bb4c-f911-f9ab2dae69a9@plouf.fr.eu.org> <[🔎] 87k23rz1lc.fsf@turtle.gmx.de> <[🔎] 884f797c-43db-6c9d-4b78-1eb2814b9969@gmail.com>

On Sun, 2 Jul 2017, Jimmy Johnson wrote:

How was this problem created in the first place?


  http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-9445.html
%
%  Notes
%   chrisccoulson> I believe this was introduced in v223 by
%    https://github.com/systemd/systemd/commit/a0166609f782da91710dea9183d1bf138538db37
%   chrisccoulson> systemd-resolved is not used by default in
%    Xenial. It is spawned if a user execs the systemd-resolve
%    utility, but that shouldn't impact the system.

Reply to:

References:
- Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: "Perry E. Metzger" <perry@piermont.com>
- Re: Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: Sven Joachim <svenjoac@gmx.de>
- Re: Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: Pascal Hambourg <pascal@plouf.fr.eu.org>
- Re: Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: Sven Joachim <svenjoac@gmx.de>
- Re: Remotely exploitable bug in systemd (CVE-2017-9445)
  - From: Jimmy Johnson <field.engineer@gmail.com>

Prev by Date: Re: Disk Access
Next by Date: Re: Superblock last write time is in the future.
Previous by thread: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
Next by thread: Re: Remotely exploitable bug in systemd (CVE-2017-9445)
Index(es):
- Date
- Thread