29 matches found
CVE-2025-2515
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies
A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...
CVE-2025-2515
CVE-2025-2515 concerns BlueChi, a multi-node systemd service controller used in RHIVOS. The vulnerability allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node, enabling privilege escalation, unauthorized service execu...
PT-2025-53317
Name of the Vulnerable Software and Affected Versions: BlueChi (affected versions not specified). Description: A flaw exists in BlueChi, a multi-node systemd service controller used in RHIVOS. A user possessing root privileges on a managed node (qm) can create or override systemd service unit files...
CVE-2025-34135
Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...
uptux
uptux Specialized privilege escalation checks for Linux systems. Implemented so far: - Writable systemd paths, services, timers, and socket units - Disassembles systemd unit files looking for: - References to executables that are writable - References to broken symlinks pointing to writeable...
Mageia: Security Advisory (MGASA-2024-0136)
The remote host is missing an update for the...
MGASA-2024-0136 Updated puppet packages fix security vulnerabilities
The updated packages fix missing requires for puppet and fix commands in systemd units...
Updated puppet packages fix security vulnerabilities
The updated packages fix missing requires for puppet and fix commands in systemd units...
RCLocals - Linux Startup Analyzer
Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors. It also performs process integrity verification, scans for DLL-injected processes and much more. Things covered: · List GPG keys trusted by the system · Installed Packages · File integrity...
USN-4728-1 snapd vulnerability
Gilad Reti and Nimrod Stoler discovered that snapd did not correctly specify cgroup delegation when generating systemd service units for various container management snaps. This could allow a local attacker to escalate privileges via access to arbitrary devices of the container host from within a...
UBUNTU-CVE-2020-27352
When generating the systemd service units for the docker snap and other similar snaps, snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself when reloading syst...
CVE-2020-26261 user-readable api tokens in systemd units
jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd. In jupyterhub-systemdspawner before version 0.15 user API tokens issued to single-user servers are specified in the environment of systemd units. These tokens are incorrectly accessible to all users...
user-readable api tokens in systemd units for JupyterHub
Impact user API tokens issued to single-user servers are specified in the environment of systemd units, which are accessible to all users. In particular, the-littlest-jupyterhub is affected, which uses systemdspawner by default. Patches Patched in jupyterhub-systemdspawner v0.15 Workarounds No...
GHSA-CG54-GPGR-4RM6 user-readable api tokens in systemd units for JupyterHub
Impact user API tokens issued to single-user servers are specified in the environment of systemd units, which are accessible to all users. In particular, the-littlest-jupyterhub is affected, which uses systemdspawner by default. Patches Patched in jupyterhub-systemdspawner v0.15 Workarounds No...
openSUSE: Security Advisory for conmon, (openSUSE-SU-2020:1559-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for rmt-server (openSUSE-SU-2020:0235-1)
The remote host is missing an update for the...
openSUSE Security Update : rmt-server (openSUSE-2020-235)
This update for rmt-server to version 2.5.2 fixes the following issues : Security issue fixed : - CVE-2019-18904: Fixed a denial of service in the offline migration bsc1160922. Non-security issue fixed : - Relaxed systemd units dependencies bsc1160673 - Added more verbose error reporting for SCC...
Security update for rmt-server (important)
openSUSE Security Update: Security update for rmt-server Announcement ID: openSUSE-SU-2020:0235-1 Rating: important References: 1141122 1157119 1160673 1160922 Cross-References: CVE-2019-18904 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:0278-1)
This update for rmt-server to version 2.5.2 fixes the following issues : Security issue fixed : CVE-2019-18904: Fixed a denial of service in the offline migration bsc1160922. Non-security issue fixed : Relaxed systemd units dependencies bsc1160673 Added more verbose error reporting for SCC API...