CVE-2024-53128

The CVE-2024-53128 issue is in the Linux kernel’s sched/task_stack path: when CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, object_is_on_stack() may yield incorrect results because tagged pointers in the object could differ from the untagged stack pointer. The result can trigger warnin...

Fedora: Security Advisory for systemd (FEDORA-2024-c79658eedf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GSD-2023-1002134 bpf: Skip task with pid=1 in send_signal_common()

bpf: Skip task with pid=1 in sendsignalcommon This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.167 by commit...

Fedora: Security Advisory for systemd (FEDORA-2021-166e461c8d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)

The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...

CentOS 8 : systemd (CESA-2019:0990)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:0990 advisory. - systemd: Insufficient input validation in busprocessobject resulting in PID 1 crash CVE-2019-6454 Note that Nessus has not tested for this issue but has inste...

EulerOS 2.0 SP3 : systemd (EulerOS-SA-2020-1436)

According to the version of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The managerinvokenotifymessage function in systemd 231 and earlier allows local users to cause a denial of service assertion failure and PID 1 han...

Fedora: Security Advisory for systemd (FEDORA-2020-f8e267d6d0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1153)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 29 Update: systemd-239-14.git33ccd62.fc29

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

Important: Red Hat Security Advisory: systemd security and bug fix update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 7 : systemd (RHSA-2019:1322)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1322 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...

Fedora Update for systemd FEDORA-2019-1fb1547321

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1128)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 CVE-2019-3815 - systemd: Insufficient input validation in...

EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-1153)

According to the version of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - systemd: Insufficient input validation in busprocessobject resulting in PID 1 crash CVE-2019-6454 Note that Tenable Network Security has extracted...

EulerOS 2.0 SP3 : systemd (EulerOS-SA-2019-1107)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 - systemd: stack overflow when calling syslog from ...

CentOS 7 : systemd (CESA-2019:0368)

An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Important: systemd

Issue Overview: It was found that busprocessobject in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message. A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the...

Updated docker packages fix security vulnerability

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Design/Logic Flaw

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...