Security fix for the ALT Linux 9 package systemd version 1:242-alt1

April 13, 2019 Alexey Shabalin 1:242-alt1 - 242 Fixes: CVE-2019-3842 - move execute systemctl daemon-reexec from post-script to filetrigger - add requires systemd to libnss-systemd package ALT 36267 - move LOCKFILE to /run/lock in udev init script ALT 35888...

openSUSE Security Update : systemd (openSUSE-2019-909)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2018:3644-1)

This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 CVE-2018-15686: A vulnerability in unitdeserialize ...

Command Execution

libpolkit.so is vulnerable to command execution. A lack of validation on the user's UID allows any user with a value greater than INTMAX to successfully execute any systemctl command...

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...

Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command

Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...

Red Hat PolicyKit Command Execution Vulnerability

Red Hat PolicyKit a.k.a. Polkit is a tool from Red Hat, Inc. for privilege control of applications on Unix-compatible systems. The tool provides a central framework for authorizing general applications to do privileged work on modern desktops. A command execution vulnerability exists in Red Hat...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

DEBIAN-CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

ALPINE-CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

UBUNTU-CVE-2018-19788

A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command...

[SECURITY] Fedora 26 Update: knot-resolver-2.3.0-1.fc26

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

[SECURITY] Fedora 28 Update: knot-resolver-2.3.0-1.fc28

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

SUSE-SU-2017:0279-1 Security update for systemd

This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges bsc1020601. These non-security issues were fixed: - Fix permission set on...

Oracle Linux 7 : systemd (ELSA-2016-2610)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2610 advisory. 219-30.0.1.3 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - ad...

Important: Red Hat Security Advisory: mariadb-galera security and bug fix update

An update for mariadb-galera is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

openSUSE Security Update : systemd (openSUSE-2016-487)

This update for systemd fixes several issues. These security issues were fixed : - CVE-2014-9770, CVE-2015-8842: Don't allow read access to journal files to users boo972612 These non-security issues were fixed : - Import commit 523777609a04fe9e590420e89f94ef07e3719baa: e5e362a udev: exclude MD fr...