ALAS2-2019-1141 --- systemdID: oval:org.secpod.oval:def:1700126 | Date: (C)2019-06-04 (M)2023-12-20 |
Class: PATCH | Family: unix |
Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. Large native messages to journald can cause stack corruption, leading to possible local privilege escalation.Please note, if you have systemd-journald-remote configured over http, then you could be open to remote escalation on previous versions of the systemd package. The systemd-journald-remote service is not installed by default on Amazon Linux 2, and when installed and enabled, the default configuration is to use https. An out-of-bounds read in journald, triggered by a specially crafted message, can be used to leak information through the journal file