OSV-2023-304 UNKNOWN READ in _hashmap_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57928 Crash type: UNKNOWN READ Crash state: hashmapfree journalremoteserverdestroy fuzz-journal-remote.c...

PT-2023-35768 · Git +1 · Systemd

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to an unknown read issue. The crash state involves hashmap free and journal remote server destroy functions in the...

systemd security and bug fix update

219-78.0.1 - Backport upstream patches related to private-tmp Sushmita Bhattacharya Orabug: 31561883 - backport upstream pstore tmpfiles patch Eric DeVolder Orabug: 31414539 - udev rules: fix memory hot add and remove Orabug: 31309730 - enable and start the pstore service Orabug: 30950903 - fix t...

systemd:fuzz-journal-remote: Use-of-uninitialized-value in strjoin_real

Project: https://github.com/systemd/systemd.git Detailed Report: https://oss-fuzz.com/testcase?key=5730988035670016 Project: systemd Fuzzing Engine: libFuzzer Fuzz Target: fuzz-journal-remote Job Type: libfuzzermsansystemd Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

systemd security, bug fix, and enhancement update

239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...

systemd: stack overflow when receiving many journald entries

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

systemd: stack overflow when receiving many journald entries

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

systemd security update

219-62.0.4 - do not create utmp update symlinks for reboot and poweroff Orabug: 27854896 - OL7 udev rule for virtio net standby interface Orabug: 28826743 - fix netdev is missing for iscsi entry in /etc/fstab Orabug: 25897792 [email protected] - set 'RemoveIPC=no' in logind.conf as default fo...

Fedora 29 : systemd (2019-18b3a10c7f)

systemd-journald and systemd-journal-remote reject entries which contain too many fields CVE-2018-16865, 1664973 and set limits on the process' command line length CVE-2018-16864, 1664972 - Fix out-of-bounds read when parsing a crafted syslog message in systemd-journald CVE-2018-16866, 1664975 -...

UBUNTU-CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

PT-2018-2289 · Systemd +5 · Systemd-Journal-Remote +6

Name of the Vulnerable Software and Affected Versions: systemd-journald versions through v240 systemd-journal-remote versions through v240 Description: The issue is caused by an unbounded memory allocation in the systemd-journald and systemd-journal-remote binary system, which can lead to a stack...

systemd/fuzz-journal-remote: Use-of-uninitialized-value in utf8_encoded_valid_unichar

Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=4576639299092480 Project: systemd Fuzzer: libFuzzersystemdfuzz-journal-remote Fuzz target binary: fuzz-journal-remote Job Type: libfuzzermsansystemd Platform Id: linux Crash Type:...

systemd/fuzz-journal-remote: Heap-buffer-overflow in print_multiline

Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=4788028143828992 Project: systemd Fuzzer: libFuzzersystemdfuzz-journal-remote Fuzz target binary: fuzz-journal-remote Job Type: libfuzzerasansystemd Platform Id: linux Crash Type: Heap-buffer-overfl...

systemd/fuzz-journal-remote: Use-of-uninitialized-value in ascii_is_valid

Project: https://github.com/systemd/systemd.git Detailed report: https://oss-fuzz.com/testcase?key=5661112182767616 Project: systemd Fuzzer: libFuzzersystemdfuzz-journal-remote Fuzz target binary: fuzz-journal-remote Job Type: libfuzzermsansystemd Platform Id: linux Crash Type:...