Intrusion Prevention

Ubuntu.Systemd.Resolved.dns_packet_new.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in Ubuntu Systemd.
The vulnerability is due to lack of size checking when the vulnerable software attempts to access a specially crafted DNS response packet. An attacker can exploit this to execute arbitrary code within the context of the logged in user via a crafted DNS packet.

Affected Products

Ubuntu 17.04
Ubuntu 16.10

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.ubuntu.com/usn/usn-3341-1/

CVE References

CVE-2017-9445