Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu: 4120-1 Critical: Systemd DNS Setting Manipulation

Calendar Sep 03, 2019 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory access control Ubuntu local exploit systemd service manager DNS settings
systemd-resolved would allow unprivileged users to change DNS settings. 
=========================================================================Ubuntu Security Notice USN-4120-1
September 03, 2019

systemd vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.04 LTS

Summary:

systemd-resolved would allow unprivileged users to change DNS settings.

Software Description:
- systemd: system and service manager

Details:

It was discovered that the systemd-resolved D-Bus interface did not
enforce appropriate access controls. A local unprivileged user could
exploit this to modify a system's DNS resolver settings.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  systemd                         240-6ubuntu5.6

Ubuntu 18.04 LTS:
  systemd                         237-3ubuntu10.28

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4120-1
  CVE-2019-15718

Package Information:
  https://launchpad.net/ubuntu/+source/systemd/240-6ubuntu5.6
  https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.28

Ubuntu: 4120-1 Critical: Systemd DNS Setting Manipulation

ubuntu
Calendar Grey September 3, 2019
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-4120-1 highlights a critical vulnerability in systemd that permits non-privileged users to modify DNS configurations.
systemd-resolved would allow unprivileged users to change DNS settings.

Summary

Topics%20covered

Topics Covered

security advisory access control Ubuntu local exploit systemd service manager DNS settings

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: systemd 240-6ubuntu5.6 Ubuntu 18.04 LTS: systemd 237-3ubuntu10.28 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4120-1

CVE-2019-15718

Severity
critical
Lowest
Low
Medium
High
Critical

September 03, 2019

Topics%20covered

Topics Covered

security advisory access control Ubuntu local exploit systemd service manager DNS settings

Package Information

https://launchpad.net/ubuntu/+source/systemd/240-6ubuntu5.6 https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.28

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here