Critical Systemd Vulnerability Can Crash Linux OS

Any user can exploit this bug to crash your Linux system. Update now to stay secure.


A critical vulnerability has been discovered in systemd, the popular system and service manager used in Linux. Qualys Research Team has warned that any unprivileged user can exploit this stack exhaustion denial-of-service vulnerability to cause a kernel panic and crash the entire operating system.

The vulnerability, tracked as CVE-2021-33910, was introduced in systemd v220, released in April 2021. It allows an attacker to exploit a stack exhaustion issue, leading to a denial of service. A proof of concept (PoC) is available, demonstrating the ease of exploitation.

Qualys has released QIDs to identify vulnerable Linux servers running systemd. All versions from April 2015 onwards are affected, including the latest. The vulnerability can be prioritized using real-time threat indicators such as Predicted_High_Risk, Denial_of_Service, and Easy_Exploit.

Qualys recommends immediate patching for this vulnerability. Users can search the vulnerability knowledgebase using CVE-2021-33910 to identify all the QIDs and assets vulnerable to this issue. The security advisory CVE-2021-33909 was published by Qualys on August 9, 2021.
