CVE-2023-31438

2023-06-1317:15:14

Debian Security Bug Tracker

security-tracker.debian.org

cve-2023-31438

integrity check bypass

sealed log file

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

38.8%

JSON

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent “a reply denying that any of the finding was a security vulnerability.”

OSVersionArchitecturePackageVersionFilename
Debian12allsystemd<= 252.26-1~deb12u2systemd_252.26-1~deb12u2_all.deb
Debian11allsystemd<= 247.3-7+deb11u5systemd_247.3-7+deb11u5_all.deb
Debian999allsystemd<= 256.1-2systemd_256.1-2_all.deb
Debian13allsystemd<= 256.1-2systemd_256.1-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	systemd	<= 252.26-1~deb12u2	systemd_252.26-1~deb12u2_all.deb
Debian	11	all	systemd	<= 247.3-7+deb11u5	systemd_247.3-7+deb11u5_all.deb
Debian	999	all	systemd	<= 256.1-2	systemd_256.1-2_all.deb
Debian	13	all	systemd	<= 256.1-2	systemd_256.1-2_all.deb