The D in Systemd stands for 'Dammmmit!' A nasty DHCPv6 packet can pwn a vulnerable Linux box

Found on The Register on Saturday, 27 October 2018

The flaw therefore puts Systemd-powered Linux computers – specifically those using systemd-networkd – at risk of remote hijacking: maliciously crafted DHCPv6 packets can try to exploit the programming cockup and arbitrarily change parts of memory in vulnerable systems, leading to potential code execution. This code could install malware, spyware, and other nasties, if successful.

Though a number of major admins have in recent years adopted and championed it as the replacement for the old Init era, others within the Linux world seem to still be less than impressed with Systemd and Poettering's occasionally controversial management of the tool.

The question is, why would someone stuff anything network-related into what was supposed to be an init replacement? Or all the other crap Systemd contains? Another question is why they wrote DHCPv6 from scratch when IPv6 does not really need DHCP since it has Stateless Address Autoconfiguration (SLAAC) and Neighbor Discovery Protocol (NDP).