EUVD-2022-34781

Malicious code in bioql PyPI...

ABB M2M Gateway Use-After-Free in embedded Systemd (CVE-2022-2526)

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2023-2403)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : systemd (EulerOS-SA-2022-2450)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in...

Design/Logic Flaw

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

CVE-2022-2526

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

CVE-2022-2526

CVE-2022-2526 is a use-after-free in systemd’s DNS stream handling (resolved-dns-stream.c). The root cause is that on_stream_io() and dns_stream_complete() do not increment the DnsStream reference count, allowing callbacks to dereference freed objects. Documents indicate this can lead to crashes ...

AlmaLinux 8 : systemd (ALSA-2022:6206)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:6206 advisory. - systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c CVE-2022-2526 Note that Nessus has not tested for this issue but has instea...

Ubuntu 18.04 LTS : systemd vulnerability (USN-5583-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5583-1 advisory. It was discovered that systemd incorrectly handled certain DNS requests, which leads to user-after-free vulnerability. An attacker could possibly use this issue t...

Oracle Linux 8 : systemd (ELSA-2022-6206)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-6206 advisory. 239-58.0.1.4 - Disable unprivileged BPF by default Orabug: 32870980 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add...

systemd security update

219-78.0.9.el79.7 - Core: explicitly trigger changing udev systemdwants property Orabug: 31858125 - Disable unprivileged BPF by default Orabug: 32871008 - Resolve missing installation files for systemd-pstore Orabug 32497787 - Change to have file tmpfiles.d/systemd-pstore.conf installed on upon...

systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

CVE-2022-2526

A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...

RHEL 8 : systemd (RHSA-2022:6163)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6163 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

RHEL 8 : systemd (RHSA-2022:6162)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6162 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...