systemd - denial of service vulnerability - CVE-2016-7795, CVE-2016-7796
Issue
- systemd fails to correctly process zero-length messages
systemd: Assertion failure
when PID 1 receives a zero-length message over notify socket- On RHEL 7, systemd fails to correctly process zero-length messages received over its notification socket. After receiving such message, systemd hangs in the pause system call, making it no longer possible to start and stop system services, or cleanly shutdown or reboot the system. Additionally, login commands (like ssh or su) will hang for 30 or more seconds, inetd-style services managed by systemd no longer accept connections, and zombie processes having systemd as their parent process are not being cleaned up.
This problem can be triggered by a local user without root privileges.
Environment
- Red Hat Enterprise Linux (RHEL) 7.2 - CVE-2016-7795
- Red Hat Enterprise Linux (RHEL) 7.0, 7.1 - CVE-2016-7796
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.