Lucene search

K
gentooGentoo FoundationGLSA-201810-10
HistoryOct 30, 2018 - 12:00 a.m.

systemd: Multiple vulnerabilities

2018-10-3000:00:00
Gentoo Foundation
security.gentoo.org
505

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.5%

Background

A system and service manager.

Description

Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details.

Impact

An attacker could possibly execute arbitrary code, cause a Denial of Service condition, or gain escalated privileges.

Workaround

There is no known workaround at this time.

Resolution

All systemd users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-apps/systemd-239-r2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallsys-apps/systemd< 239-r2UNKNOWN

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.5%