SUSE CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
DEBIAN-CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
UBUNTU-CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
CVE-2024-11029 Freeipa: administrative user data leaked through systemd journal
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
PT-2025-1618 · Freeipa +4
Name of the Vulnerable Software and Affected Versions: FreeIPA affected versions not specified Description: A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the...
Red Hat FreeIPA security vulnerability
Red Hat FreeIPA is a suite of integrated security information management solutions from Red Hat USA. The product provides identity management, policy management, and audit management IPA capabilities for Linux and Unix computer networks. A security vulnerability exists in Red Hat FreeIPA that...
SUSE-SU-2022:4278-1 Security update for supportutils
This update for supportutils fixes the following issues: Security issues fixed: - Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt bsc1203818 Bug fixes: - Added lifecycle information - Fixed KVM virtualization detection on bare metal bsc1184689 - Added logging using...
libselinux bug fix and enhancement update
The libselinux packages contain the core library of an SELinux system. The libselinux library provides an API for SELinux applications to get and set process and file security contexts, and to obtain security policy decisions. It is required for any applications that use the SELinux API, and is...
Fedora 27 : systemd (2018-eea8cb8b0e)
a few memory leaks and uninitialized memory accesses - systemd-networkd Remote= must be a unicast address upstream issue 8088 - add /run/systemd/user to the unit lookup path upstream issue 8119 - various fixes for journalctl leaking file descriptors on very quick file rotation upstream issues...
snapd security bypass vulnerability
snapd is a tool used in Linux to create application snapshots. A security vulnerability exists in snapd versions 2.27 through 2.29.2, which stems from a program that creates the snap logs command to invoke journalctl without matching the parameters. An attacker could use this vulnerability to bypa...
CVE-2017-14178
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...
UBUNTU-CVE-2017-14178
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...
DEBIAN-CVE-2017-14178
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...
Design/Logic Flaw
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...
Oracle Linux 7 : systemd (ELSA-2016-2610)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-2610 advisory. 219-30.0.1.3 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - ad...
Fedora 21 setroubleshootd 3.2.22 - Local Privilege Escalation
Fedora 21 setroubleshootd 3.2.22 - Local Privilege Escalation setroubleshoot tries to find out which rpm a particular file belongs to when it finds SELinux access violation reports. The idea is probably to have convenient reports for the admin which type enforcement rules have to be relaxed...
Fedora 17 : systemd-44-6.fc17 (2012-6456)
This update fixes : - a bug that could be exploited to delete arbitrary directories. - F17 blocker bug 805942. Forward-compatible short command names loginctl, journalctl were added. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...