USN-3891-1: systemd vulnerability

18 February 2019

systemd vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary

systemd could be made to crash if it received specially a crafted D-Bus message.

Software Description

  • systemd - system and service manager

Details

It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service (kernel panic).

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10
libsystemd0 - 239-7ubuntu10.8
systemd - 239-7ubuntu10.8
Ubuntu 18.04 LTS
libsystemd0 - 237-3ubuntu10.13
systemd - 237-3ubuntu10.13
Ubuntu 16.04 LTS
libsystemd0 - 229-4ubuntu21.16
systemd - 229-4ubuntu21.16

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References