New Linux Systemd Security Holes Uncovered


Many Linux sysadmins and users dislike Systemd, but love it or hate it, the Systemd is the default system and service manager for most Linux distributions. So, security company Qualys‘s recent revelation of three new Systemd security vulnerabilities isn’t going to win Systemd any friends.

How bad is this trio of trouble? With any of these a local user can gain root privileges. Worse still, Qualys reports that “To the best of our knowledge, all systemd-based Linux distributions are vulnerable.”

Actually, that’s not quite true, even Qualys admits. “SUSE Linux Enterprise 15openSUSE Leap 15.0, and Fedora 28 and 29 are not exploitable because their user space is compiled with GCC’s -fstack-clash-protection.

Read more at ZDNet