Download
| Alert*
oval:org.secpod.oval:def:117100
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:120476 kernelshark is installed oval:org.secpod.oval:def:120475 KernelShark is a front end reader of trace-cmd output. trace-cmd record and trace-cmd extract create a trace.dat file. kernelshark can read this file and produce a graph and list view of its data. oval:org.secpod.oval:def:52127 systemd: system and service manager Details: USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Linux Mint inside a container on some older kernels. This issue only affected Linux Mint 18.x LTS. In order to continue to support ... oval:org.secpod.oval:def:58869 systemd: system and service manager Details: USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4120-1 cause ... oval:org.secpod.oval:def:106668 systemd is installed oval:org.secpod.oval:def:53494 The Qualys Research Labs reported that the backported security fixes shipped in DSA 4367-1 contained a memory leak in systemd-journald. This and an unrelated bug in systemd-coredump are corrected in this update. Note that as the systemd-journald service is not restarted automatically a restart of th ... oval:org.secpod.oval:def:51511 systemd: system and service manager The system could be made unavailable under certain conditions. oval:org.secpod.oval:def:2000257 systemd v233 and earlier fails to safely parse usernames starting with a numeric digit , running the service in question with root privileges rather than the user intended. oval:org.secpod.oval:def:42507 In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and ... oval:org.secpod.oval:def:43821 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:503381 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:705169 systemd: system and service manager Details: USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4120-1 cause ... oval:org.secpod.oval:def:603609 The Qualys Research Labs reported that the backported security fixes shipped in DSA 4367-1 contained a memory leak in systemd-journald. This and an unrelated bug in systemd-coredump are corrected in this update. Note that as the systemd-journald service is not restarted automatically a restart of th ... oval:org.secpod.oval:def:106850 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:601127 Multiple security issues in systemd have been discovered by Sebastian Krahmer and Florian Weimer: Insecure interaction with DBUS could lead to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in th ... oval:org.secpod.oval:def:89044899 This update for systemd provides several fixes and enhancements. Security issues fixed: - CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. The update also fi ... oval:org.secpod.oval:def:703677 systemd: system and service manager systemd-resolved could be made to crash or run programs if it received a specially crafted DNS response. oval:org.secpod.oval:def:66484 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89044638 This update for systemd fixes the following issues: Security issue fixed: - CVE-2017-9217: resolved: Fix null pointer p-question dereferencing that could lead to resolved aborting The update also fixed several non-security bugs: - core/mount: Use the -c flag to not canonicalize paths when calling / ... oval:org.secpod.oval:def:89002933 This update for systemd fixes the following issues: - CVE-2019-20386: Fixed a memory leak when executing the udevadm trigger command . - Renamed the persistent link for ATA devices - shared/install: try harder to find enablement symlinks when disabling a unit - tmpfiles: removed unnecessary assert ... oval:org.secpod.oval:def:89044965 This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges . These non-security issues were fixed: - Fix permission set on /var/lib/systemd ... oval:org.secpod.oval:def:89002914 This update for systemd fixes the following issues: - CVE-2019-20386: Fixed a memory leak when executing the udevadm trigger command . - Renamed the persistent link for ATA devices - shared/install: try harder to find enablement symlinks when disabling a unit - tmpfiles: removed unnecessary assert ... oval:org.secpod.oval:def:89044680 This update for systemd and dracut fixes the following issues: Security issues fixed: - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. Non-security issues fixed in systemd: - Automounter issue in combination with NFS volumes - Missing sy ... oval:org.secpod.oval:def:703869 systemd: system and service manager systemd could be made to temporarily stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:66430 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:601348 systemd is installed oval:org.secpod.oval:def:89002078 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. - CVE-2018-15686: A vulnerability in unit_deserialize of systemd ... oval:org.secpod.oval:def:504692 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89003040 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files . - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a loca ... oval:org.secpod.oval:def:89003277 This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user Other bug fixes and changes: - journal-remote: set a limit on the number of fields in a messa ... oval:org.secpod.oval:def:105905 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:204749 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:54394 Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of this issue to gain PolicyKit privileges that are normally only granted to client ... oval:org.secpod.oval:def:67977 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:66524 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89002931 This update for systemd fixes the following issues: - CVE-2020-1712 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute code ... oval:org.secpod.oval:def:89002873 This update for systemd provides the following fixes: - CVE-2020-1712 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute cod ... oval:org.secpod.oval:def:1505980 [219-78.0.9.el7_9.7] - Core: explicitly trigger changing udev systemd_wants property [Orabug: 31858125] - Disable unprivileged BPF by default [Orabug: 32871008] - Resolve missing installation files for systemd-pstore [Orabug 32497787] - Change to have file tmpfiles.d/systemd-pstore.conf installed on ... oval:org.secpod.oval:def:507133 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:507137 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89045110 This update for systemd fixes the following issues: Security issues fixed: - CVE-2021-33910: Fixed a denial of service in systemd Other fixes: - mount-util: shorten the loop a bit - mount-util: do not use the official MAX_HANDLE_SZ - mount-util: tape over name_to_handle_at flakiness - mount-u ... oval:org.secpod.oval:def:89045095 This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape - Fixed a regression with hostnamectl and timedatectl - Fixed permissions for /usr/lib/udev/compat-symlink-generation Special Instructions and Notes: Please reboot ... oval:org.secpod.oval:def:89003392 This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ... oval:org.secpod.oval:def:111575 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:112425 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:112446 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:112526 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:112508 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:113397 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:113416 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:113617 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:114054 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:49185 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:49174 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:49175 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:78181 systemd: system and service manager systemd-tmpfiles could be made to crash or have other unspecified impacts. oval:org.secpod.oval:def:115916 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:3300315 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:1506437 [239-68.0.2] - Backport upstream pstore dmesg fix [Orabug: 34850699] - Standardize ioctl check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253] - Disable unprivileged BPF by default [Orabug: 32870980] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix mem ... oval:org.secpod.oval:def:89047387 This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd"s systemd-tmpfiles which could cause a minor denial of service. Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:3300538 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:507497 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:19500055 A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respec ... oval:org.secpod.oval:def:507541 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:507549 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:706280 systemd: system and service manager systemd-tmpfiles could be made to crash or have other unspecified impacts. oval:org.secpod.oval:def:89047626 This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd"s systemd-tmpfiles . The following non-security bugs were fixed: - udev/net_id: don"t generate slot based names if multiple devices might claim the same slot - localectl: don"t omit keyma ... oval:org.secpod.oval:def:3301163 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:3301277 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:111388 systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux cgroups, supports ... oval:org.secpod.oval:def:1501638 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:501914 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:2501121 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89048192 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed an issue where users could access coredumps with changed uid, gid or capabilities . Non-security fixes: - Enabled the pstore service . - Fixed an issue accessing TPM when secure boot is enabled . - Fixed an issue where a pamd ... oval:org.secpod.oval:def:89048115 This update for systemd fixes the following issues: Fixing the following issues: - units: restore RemainAfterExit=yes in systemd-vconsole-setup.service - vconsole-setup: don"t concat strv if we don"t need to - vconsole-setup: add more log messages - units: restore Before dependencies for systemd-vc ... oval:org.secpod.oval:def:89048078 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . Bug fixes: - Restrict cpu rule to x86_64, and also update the rule files to make use of the "CONST{arch}" syntax . oval:org.secpod.oval:def:1506454 [250-12.0.2.3] - Backport upstream pstore dmesg fix [Orabug: 34868110] - Remove upstream references [Orabug: 33995357] - Disable unprivileged BPF by default [Orabug: 32870980] - udev rules: fix memory hot add and remove [Orabug: 31310273] - set RemoveIPC=no in logind.conf as default for OL7.2 [Orabu ... oval:org.secpod.oval:def:89048085 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . Bug fixes: - Support by-path devlink for multipath nvme block devices . - Set SYSTEMD_NSS_DYNAMIC_BYPASS=1 env var for dbus-daemon . - Restrict cpu r ... oval:org.secpod.oval:def:89048086 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . Bug fixes: - Support by-path devlink for multipath nvme block devices . oval:org.secpod.oval:def:2500945 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:4501173 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:3300741 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:1506394 [250-12.0.2.el9_1.1] - Backport upstream pstore dmesg fix [Orabug: 34868110] - Remove upstream references [Orabug: 33995357] - Disable unprivileged BPF by default [Orabug: 32870980] - udev rules: fix memory hot add and remove [Orabug: 31310273] - set RemoveIPC=no in logind.conf as default for OL7.2 ... oval:org.secpod.oval:def:1506357 [239-68.0.2.1] - Backport upstream pstore dmesg fix [Orabug: 34850699] - Standardize ioctl check and return -ENOTCONN, if quota is not enabled [Orabug: 34694253] - Disable unprivileged BPF by default [Orabug: 32870980] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix m ... oval:org.secpod.oval:def:120483 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:707694 systemd: system and service manager systemd could be made to crash or run programs if it received specially crafted DNS request. oval:org.secpod.oval:def:205981 Security Fix: systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:502596 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:2003632 A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real in journald-server.c does not free the memory allocated by set_iovec_field_free to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-jour ... oval:org.secpod.oval:def:205153 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:117035 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:116022 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:116101 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:89048671 This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager. * CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . * CVE-2022-3821: Fixed buffer overrun in format_timespan function . Bug fixes: * ... oval:org.secpod.oval:def:89048549 This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager oval:org.secpod.oval:def:2600137 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:2500921 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89404 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:89405 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:1701066 An off-by-one Error issue was discovered in Systemd in format_timespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan, leading to a Denial of Service oval:org.secpod.oval:def:5800000 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:3300630 SUSE Security Update: Security update for systemd oval:org.secpod.oval:def:4500018 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:89047304 This update for systemd fixes the following issues: - Updated to version 246.15 - CVE-2021-33910: Fixed a denial of service issue in systemd. - CVE-2020-13529: Fixed an issue that allows crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofin ... oval:org.secpod.oval:def:89047096 This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd oval:org.secpod.oval:def:2500341 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:1505025 [239-45.0.2] - Disable unprivileged BPF by default [Orabug: 32870980] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix memory hot add and remove [Orabug: 31310273] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catal ... oval:org.secpod.oval:def:4501357 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:73588 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:2500234 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:1504904 [239-45.0.1] - backport upstream pstore tmpfiles patch [Orabug: 31420486] - udev rules: fix memory hot add and remove [Orabug: 31310273] - fix to enable systemd-pstore.service [Orabug: 30951066] - journal: change support URL shown in the catalog entries [Orabug: 30853009] - fix to generate systemd-p ... oval:org.secpod.oval:def:58868 systemd: system and service manager systemd-resolved would allow unprivileged users to change DNS settings. oval:org.secpod.oval:def:1901952 It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will b ... oval:org.secpod.oval:def:1901955 It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially differe ... oval:org.secpod.oval:def:2004927 It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will b ... oval:org.secpod.oval:def:2004929 It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially differe ... oval:org.secpod.oval:def:2000589 systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks wr ... oval:org.secpod.oval:def:1901993 systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE check is mishandled. oval:org.secpod.oval:def:37413 systemd: system and service manager The system could be made unavailable under certain conditions. oval:org.secpod.oval:def:49184 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:2000689 It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user , a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other ser ... oval:org.secpod.oval:def:2004046 A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sen ... oval:org.secpod.oval:def:52198 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:502231 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:1502128 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700007 Access to automounted volumes can lock upA race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of service. oval:org.secpod.oval:def:51988 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:703975 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:205142 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:503261 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:50175 In systemd before 240-1, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. oval:org.secpod.oval:def:50167 An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. oval:org.secpod.oval:def:50168 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. oval:org.secpod.oval:def:50169 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-jou ... oval:org.secpod.oval:def:89049700 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. - CVE-2018-15686: A vulnerability in unit_deserialize of systemd ... oval:org.secpod.oval:def:704402 systemd: system and service manager Details: USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Ubuntu inside a container on some older kernels. This issue only affected Ubuntu 16.04 LTS. In order to continue to support this co ... oval:org.secpod.oval:def:115289 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:50176 In systemd before 240-1, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. oval:org.secpod.oval:def:50177 In systemd before 240-1, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. oval:org.secpod.oval:def:51025 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:51542 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:603605 The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocas and an out-of-bounds read flaw leading to an information leak , could allow an attacker to cause a denial of service or the execution of arbitrary code. Fur ... oval:org.secpod.oval:def:502590 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:52124 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:51157 systemd: system and service manager systemd-networkd could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:115346 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:115740 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:51168 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:1504567 [219-67.0.1] - do not create utmp update symlinks for reboot and poweroff [Orabug: 27854896] - OL7 udev rule for virtio net standby interface [Orabug: 28826743] - fix _netdev is missing for iscsi entry in /etc/fstab [Orabug: 25897792] - set "RemoveIPC=no" in logind.conf as default for OL7.2 [222248 ... oval:org.secpod.oval:def:704396 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:53491 The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocas and an out-of-bounds read flaw leading to an information leak , could allow an attacker to cause a denial of service or the execution of arbitrary code. Fur ... oval:org.secpod.oval:def:51191 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:205331 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:1700126 Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. Large native messages to journald can cause stack corruption, leading to possible local privilege escalation ... oval:org.secpod.oval:def:704437 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:704385 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:115952 systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, mainta ... oval:org.secpod.oval:def:1700112 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges.It was disc ... oval:org.secpod.oval:def:2001554 A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and includ ... oval:org.secpod.oval:def:704373 systemd: system and service manager systemd-networkd could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:502690 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:502613 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:603846 Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of this issue to gain PolicyKit privileges that are normally only granted to client ... oval:org.secpod.oval:def:1700139 It was found that bus_process_object in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message. A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the bounds of the curr ... oval:org.secpod.oval:def:51222 systemd: system and service manager systemd could be made to crash if it received specially a crafted D-Bus message. oval:org.secpod.oval:def:53521 Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus. oval:org.secpod.oval:def:603643 Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus. oval:org.secpod.oval:def:205160 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes usi ... oval:org.secpod.oval:def:1502445 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:704499 systemd: system and service manager systemd could be made to crash if it received specially a crafted D-Bus message. oval:org.secpod.oval:def:19500593 systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles to manipulate records |