2 min Security

System vulnerability gives hackers root access on Linux

System vulnerability gives hackers root access on Linux

Systemd doesn’t make any friends. The widely used but little-loved system and service manager in most Linux distributions appears to contain three vulnerabilities. This allows a local user to gain root access.

Systemd, developed under the Red Hat umbrella, is the standard system and service manager for most Linux distributions. The piece of software is part of the foundation of an operational Linux distribution. However, the init system contains a lot of extra features, which makes it hate a large part of the Linux community. After all, Systemd seems to go against the basic idea of doing one thing right, instead of combining twenty things into a complex whole.

The manager isn’t doing much good on his reputation today. Security company Qualys discovered no less than three leaks in the crucial software. Almost all Linux distributions are vulnerable, with a handful of exceptions. SUSE Linux Enterprise 15, OpenSUSE Leap 15.0, Fedora 28 and Fedora 29 are immune because of the way their user space is compiled.

In all other distributions, a hacker with local access can exploit Systemd to provoke a stack clash. That’s a variant of a stack overflow-bug. Essentially, the hacker uses errors in the software to write data to parts of the memory that should normally be inaccessible. This creates a domino effect, with which a hacker can ultimately gain access to the entire system.

The company that discovered the vulnerabilities claims to have already written executable code that allows it to effectively exploit the leaks. For two of the three vulnerabilities there is now a patch. Probably it won’t be long before that patch reaches all the affected distributions.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.