USN-5583-1: systemd vulnerability
29 August 2022
systemd could be made to crash or run programs if it received specially crafted DNS request.
Releases
Packages
- systemd - system and service manager
Details
It was discovered that systemd incorrectly handled certain DNS requests,
which leads to user-after-free vulnerability. An attacker could possibly use
this issue to cause a crash or execute arbitrary code. (CVE-2022-2526)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5583-2: libnss-myhostname, systemd, systemd-journal-remote, udev, systemd-sysv, libsystemd0, libsystemd-dev, libudev1, libudev-dev, libnss-systemd, libpam-systemd, systemd-tests, systemd-container, systemd-coredump, libnss-mymachines, libnss-resolve