EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-1045)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 - systemd: stack overflow when calling syslog from ...

RHEL 7 : systemd (RHSA-2019:0204)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0204 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides...

Fedora 29 : systemd (2018-c402eea18b)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1639076 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1639071 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1639067 - The DHCP...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2)

This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 CVE-2018-15686: A vulnerability in unitdeserialize ...

Scientific Linux Security Update : NetworkManager on SL7.x x86_64 (20181127)

Security Fixes : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include"compat.inc"; if description scriptid119249; scriptversion"1.8";...

systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling

It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim's one may...

openSUSE Security Update : systemd (openSUSE-2018-1423)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

DEBIAN-CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239...

CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239...

CVE-2018-15688 Out-of-Bounds write in systemd-networkd dhcpv6 option handling

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239...

CVE-2018-15688

CVE-2018-15688 is a buffer/heap overwrite in the dhcpv6 option handling of systemd-networkd (systemd up to 239). A malicious DHCPv6 server on the same network could trigger an out-of-bounds write, potentially causing a Denial of Service or code execution. Affected products include systemd with ve...

CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239...

UBUNTU-CVE-2018-15688

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239...

Fedora 27 : systemd (2018-eea8cb8b0e)

a few memory leaks and uninitialized memory accesses - systemd-networkd Remote= must be a unicast address upstream issue 8088 - add /run/systemd/user to the unit lookup path upstream issue 8119 - various fixes for journalctl leaking file descriptors on very quick file rotation upstream issues...

openSUSE Security Update : systemd (openSUSE-2018-216)

This update for systemd fixes the following issues : Security issue fixed : - CVE-2017-18078: tmpfiles: refuse to chown/chmod files which are hardlinked, unless protectedhardlinks sysctl is on. This could be used by local attackers to gain privileges bsc1077925 Non Security issues fixed : - core:...

SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:0546-1)

This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-18078: tmpfiles: refuse to chown/chmod files which are hardlinked, unless protectedhardlinks sysctl is on. This could be used by local attackers to gain privileges bsc1077925 Non Security issues fixed : - core:...

Fedora 27 : systemd (2017-6263c938c7)

Use infinite timeouts for passwords during boot when JobTimeoutSec=0 - Some tty utf8-mode fixes - Only send one auxillary fd set over dbus - Various network-manager crash and spurious assert fixes - Do not remount network filesystems ro during shutdown and unmount DM devices better - Fix...

CVE-2014-4492

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an networkd context via a crafted XPC message from a sandboxed app, as demonstrated by la...

Design/Logic Flaw

libnetcore in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not verify that certain values have the expected data type, which allows attackers to execute arbitrary code in an networkd context via a crafted XPC message from a sandboxed app, as demonstrated by la...

Google reveals 3 Apple OS X Zero-day Vulnerabilities

After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform. The team has published three zero-day...