As per summary, systemd-networkd segfaults on many routing rules due to uninitialized stack variables (CWE-457). This might have security implications, but I'm not qualified to comment further on that.

Reported upstream in https://github.com/systemd/systemd/issues/7704

Fixed upstream, patch available: https://github.com/systemd/systemd/pull/7712.patch (which also fixes yet another segfault related to rule handling)

I'd like to stress that systemd-236-r1 is very broken due to this bug, since in the case when routing rules are present, systemd-networkd is extremely likely to crash on startup, which ultimately leads to broken network configuration (or a complete lack of network configuration altogether).

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=74c80b910f8cd292bf52a0d78324ef7bb47ec8e9

commit 74c80b910f8cd292bf52a0d78324ef7bb47ec8e9
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2017-12-28 16:00:39 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2017-12-28 16:00:55 +0000

    sys-apps/systemd: backport networkd bugfix

    Closes: https://bugs.gentoo.org/642116
    Package-Manager: Portage-2.3.19_p2, Repoman-2.3.6_p36

 sys-apps/systemd/Manifest | 1 +
 ...generator-Don-t-mistake-NULL-input-as-OOM.patch | 49 ----------------------
 ...systemd-236-r1.ebuild => systemd-236-r2.ebuild} | 8 ++--
 3 files changed, 5 insertions(+), 53 deletions(-)