Security researchers have disclosed three severe vulnerabilities in systemd of Linux systems. The flaws are tracked as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 and can be exploited to obtain root privileges on the target machine or even leak information.
The systemd is a core component in Linux and is used to manage system processes after the boot process.
Three severe flaws
According to the researchers at Qualys, the flaws exist in ‘journald’ service, a part of systemd that handles the collection and storage of log data. The flaws can cause the ‘journald’ service to crash and enable the hackers to take control over systems.
CVE-2018-16864, CVE-2018-16865 are memory corruption flaws and CVE-2018-16866 is an out-of-bounds error that can leak data.
CVE-2018-16864 can be exploited by malware running on a Linux box or by a malicious logged-in user. On the other hand, CVE-2018-16865 and CVE-2018-16866 can be exploited by a local attacker. All three bugs can be exploited without user interaction.
Commenting on the existence of the CVE-2018-16864, Qualys’ researchers said that it “was introduced in April 2013 (systemd v203) and became exploitable in February 2016 (systemd v230). We developed a proof of concept for CVE-2018-16864 that gains eip control on i386,” said researchers at Qualys.
Similarly, the CVE-2018-16865 and CVE-2018-16866 were first detected in December 2011 and June 2015.
Almost all the systemd-based Linux distributions have been found to be vulnerable to the flaws. However, there are few exceptions and researchers claim that the bugs do not affect SUSE Linux Enterprise 15, openSUSE Leap 15.0, Fedora 28, and Fedora 29.