Major Linux distributions suffer from the latest system crippling bug

A system administrator, Andrew Ayer discovered a crippling bug while working with his Linux System. He reported the issue at length in his blog post pointing out how anyone could crash Systemd by one single tweet.


A system administrator, Andrew Ayer discovered a crippling bug while working with his Linux System. He reported the issue at length in a blogpost pointing out how anyone could crash Systemd by one single tweet. The system will not collapse as soon as the tweet is rendered on screen by the system. Instead, what it meant was that any Linux distribution could be crippled by a command that can fit into one tweet. He even posted a tweet with the command to prove his point.

 

According to the blog post and report by TeckLyfe.com, the bug has existed for more than two years without being noticed by developers and system administrators around the world. The most striking aspect of the bug is that it can cripple the system without any need for root access. On running ' NOTIFY_SOCKET=/run/systemd/notify systemd-notify "" ,' anyone can hang a Linux system using the simple command.

Some Linux systems did not crash using the command. However, addition of 'While true' loop resulted in the systems crashing as reported in the blogpost. According to the post, both these commands hang PID 1 in pause system call, the system does not respond to incoming requests or connections. To simply, your system stops responding and freezes. The worst part of the entire system is that you can't reboot it properly, and even after reboot, the system feels unstable.

Linux distributions like Ubuntu, Debian and CentOS, are affected by this bug. Ubuntu released a security update last week patching this bug, as detailed on the website. Andrew pointed out that Systemd has fundamental problems where developers have unnecessarily made the PID 1 complex. What makes it a cause of concern is the fact that it runs in the root directory.

Find our entire collection of stories, in-depth analysis, live updates, videos & more on Chandrayaan 2 Moon Mission on our dedicated #Chandrayaan2TheMoon domain.