[SECURITY] [DLA 4259-1] systemd security update
Debian LTS Advisory DLA-4259-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara July 30, 2025 https://wiki.debian.org/LTS Package : systemd Version : 247.3-7+deb11u7 CVE ID : CVE-2025-4598 Debian Bug : 1106785 The Qualys Threat Research Unit TRU...
DLA-4259-1 systemd - security update
Bulletin has no description...
Debian dla-4259 : libnss-myhostname - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4259 advisory. Debian LTS Advisory DLA-4259-1 [email protected] https://www.debian.org/lts/security/...
uptux
Specialized privilege escalation checks for Linux systems. Implemented so far: writable systemd paths, services, timers, and socket units; disassembles systemd unit files looking for: references to executables that are writable, references to broken symlinks pointing to writeable...
NewStart CGSL MAIN 7.02 : systemd Vulnerability (NS-SA-2025-0186)
The remote NewStart CGSL host, running version MAIN 7.02, has systemd packages installed that are affected by a vulnerability: - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowi...
PAM Environment Variable Injection
PAM pam_env.so module allows environment variable injection via ~/.pam_environment leading to privilege escalation through SystemD session manipulation. This script gauges exploitability...
gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer bei...
Azure Linux 3.0 Security Update: cloud-init (CVE-2024-11584)
The version of cloud-init installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-11584 advisory. - cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default...
OESA-2025-1764 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged...
Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes
...
cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands.
...
CBL Mariner 2.0 Security Update: systemd / systemd-bootstrap (CVE-2023-7008)
The version of systemd / systemd-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-7008 advisory. - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to...
CVE-2023-7008 affecting package systemd-bootstrap for versions less than 250.3-13
CVE-2023-7008 affecting package systemd-bootstrap for versions less than 250.3-13. A patched version of the package is available...
CVE-2023-7008 affecting package systemd for versions less than 250.3-22
CVE-2023-7008 affecting package systemd for versions less than 250.3-22. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2025:02244-1)
The remote host is missing an update for the...
openSUSE Security Advisory (SUSE-SU-2025:02244-1)
The remote host is missing an update for the...
SUSE SLES12: libsystemd0 / libsystemd0-32bit / libudev-devel / libudev1 / etc (SUSE-SU-2025:02243-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02243-1 advisory. - CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935)...
SUSE SLED15: libsystemd0 / libsystemd0-32bit / libudev1 / libudev1-32bit / etc (SUSE-SU-2025:02244-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02244-1 advisory. - CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read...