Download
| Alert*
oval:org.secpod.oval:def:89003392
This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ... oval:org.secpod.oval:def:603605 The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocas and an out-of-bounds read flaw leading to an information leak , could allow an attacker to cause a denial of service or the execution of arbitrary code. Fur ... oval:org.secpod.oval:def:53491 The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocas and an out-of-bounds read flaw leading to an information leak , could allow an attacker to cause a denial of service or the execution of arbitrary code. Fur ... oval:org.secpod.oval:def:51191 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:205142 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:502590 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:115952 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:115740 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:50176 In systemd before 240-1, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. oval:org.secpod.oval:def:1700126 Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. Large native messages to journald can cause stack corruption, leading to possible local privilege escalation ... oval:org.secpod.oval:def:50169 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-jou ... oval:org.secpod.oval:def:1503166 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700112 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges.It was disc ... oval:org.secpod.oval:def:704437 systemd: system and service manager Several security issues were fixed in systemd. |