182 matches found
NewStart CGSL CORE 5.04 / MAIN 5.04 : systemd Vulnerability (NS-SA-2023-0030)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has systemd packages installed that are affected by a vulnerability: - An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accurac...
DEBIAN-CVE-2023-26604
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...
CVE-2023-26604
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...
SUSE CVE-2016-7795
The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 hang via a zero-length message received over a notify socket...
SUSE CVE-2018-15686
A vulnerability in unitdeserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and...
SUSE CVE-2018-20839
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE aka current keyboard mode check is mishandled...
SUSE CVE-2020-13529
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server...
Oracle Linux 9 : systemd (ELSA-2023-0336)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0336 advisory. 250-12.0.2.el91.1 - Backport upstream pstore dmesg fix Orabug: 34868110 - Remove upstream references Orabug: 33995357 - Disable unprivileged BPF by default...
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
...
OESA-2023-1027 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suiddumpable kernel setting.CVE-2022-4415...
RHEL 8 : systemd (RHSA-2023:0100)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0100 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...
DEBIAN-CVE-2022-4415
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suiddumpable kernel setting...
CVE-2022-4415
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suiddumpable kernel setting...
PT-2023-15019 · Systemd · System
Name of the Vulnerable Software and Affected Versions: System affected versions not specified Description: The issue concerns a problem that may cause dynamic hiding and restoring of app icons. Successful exploitation of this issue may cause malicious hiding of app icons. Recommendations: At the...
PT-2022-7108 · Systemd +9 · Systemd +9
Name of the Vulnerable Software and Affected Versions: systemd versions 247 and later, with affected builds including those with libacl support Description: A security flaw in systemd-coredump can cause a local information leak due to not respecting the fs.suid dumpable kernel setting. This issue...
The vulnerability of the Systemd initialization and service management subsystem, related to bypassing authentication through spoofing, allows a perpetrator to trigger a service failure.
The vulnerability of the Systemd service initialization and management subsystem relates to bypassing authentication through spoofing. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
systemd 安全漏洞
systemd is a Linux-based system and service manager from the individual developer Lennart Poettering in Germany. The product is compatible with SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A security vulnerability exists in systemd. ...
CVE-2022-3821
An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...
USN-5583-1 systemd vulnerability
It was discovered that systemd incorrectly handled certain DNS requests, which leads to user-after-free vulnerability. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2022-2526...
Ubuntu 18.04 LTS : systemd vulnerability (USN-5583-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5583-1 advisory. It was discovered that systemd incorrectly handled certain DNS requests, which leads to user-after-free vulnerability. An attacker could possibly use this issue t...