Updated systemd packages fix security vulnerability

buffer overrun in formattimespan function bsc1204968 CVE-2022-3821 Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 0469b9f2bc pstore: do not try to load all known pstore modules ad05f54439 pstore: Run after modules are loaded ccad817445 core: Add trigger limit for path units 281d818fe3...

SUSE-SU-2022:4056-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in formattimespan function bsc1204968. - Import commit 56bee38fd0da18dad5fc5c5d12c02238a22b50e2 8a70235d8a core: Add trigger limit for path units 93e544f3a0 core/mount: also add default before dependency for...

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan() leading to a Denial of Service.

...

The vulnerability of the grub_font_construct_glyph() function, a loader for the Grub2 operating system, allows a hacker to execute arbitrary code.

The vulnerability of the grubfontconstructglyph function, a part of the Grub2 operating system loader, is related to the issue where an operation goes beyond the buffer boundaries in memory when processing specially formatted glyphs in the pf2 format. Exploiting this vulnerability allows an...

SUSE: Security Advisory (SUSE-SU-2022:3999-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:3999-1 Security update for systemd

This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in formattimespan function bsc1204968. - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 0469b9f2bc pstore: do not try to load all known pstore modules ad05f54439 pstore: Run after modules are loaded...

The vulnerability of the TLS implementation in the microsoftware-based Industrial Ethernet Switch Hirschmann Eagle 20 (EagleSDV) allows a attacker to induce a service failure.

The vulnerability of the TLS implementation in the microprogrammable industrial Ethernet interface device Hirschmann Eagle 20 EagleSDV is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service...

The vulnerability of the HTTP(S) control module for operating systems HiOS with Belden Hirschmann network switches of the RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, and RED series, as well as the operating system HiSecOS with Belden Hirschmann network switches of the EAGLE20/30 series, allows a perpetrator to cause service interruptions.

The vulnerability of the HTTPS control module for operating systems HiOS and network switches from Belden Hirschmann, models RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, as well as the operating system HiSecOS for network switches from Belden Hirschmann, model EAGLE20/30, is related to th...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0076)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

The vulnerability of the system event service in the Microsoft Windows operating system allows a perpetrator to escalate their privileges.

The vulnerability of the COM+ Event System Service in the Microsoft Windows operating system is related to the occurrence of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the valid_parameter_transform function in the Bash operating system of Red Hat Enterprise Linux allows a hacker to execute arbitrary code.

The vulnerability of the validparametertransform function in the Bash library of the Red Hat Enterprise Linux operating system is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability in the `QuickTimeVideo::userDataDecoder` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata with the Exiv2 library allows a attacker to perform a denial-of-service attack.

The vulnerability of the QuickTimeVideo::userDataDecoder function in the quicktimevideo.cpp file of the library and the command-line utility for managing image metadata in Exiv2 is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a...

The vulnerability in the `QuickTimeVideo::decodeBlock` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata from Exiv2 allows a hacker to execute arbitrary code.

The vulnerability in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the library and command-line utilities for managing image metadata with Exiv2 is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remo...

The vulnerability of the `rasterize_edges_8` function in the Pixman library allows a hacker to execute arbitrary code.

The vulnerability of the rasterizeedges8 function in the Pixman library is related to the possibility of writing beyond buffer boundaries into memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the Windows Secure Channel component of the Windows operating system, which allows a hacker to trigger a service failure

The vulnerability of the Windows Secure Channel component of the Windows operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVE-2022-3821

An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...

AZL-41659 CVE-2022-3821 affecting package systemd-bootstrap for versions less than 250.3-17

An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...

DEBIAN-CVE-2022-3821

An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...

AZL-11443 CVE-2022-3821 affecting package systemd for versions less than 250.3-10

An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...

CVE-2022-3821

An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in formattimespan, leading to a Denial of Service...