3891 matches found
systemd security update
239-82.0.4.5 - coredump: use %d in kernel core pattern - CVE-2025-4598...
Signal Handler Race Condition
Overview Affected versions of this package are vulnerable to Signal Handler Race Condition due to a lack of protection in the grantuseraccess function, which decides whether a user should be allowed to read a core file or not. An attacker can crash a SUID program and gain read access to the...
Oracle Linux 9 : systemd (ELSA-2025-20344)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20344 advisory. 252-51.0.2 - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux...
Debian dsa-5931 : libnss-myhostname - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5931 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5931-1 [email protected] https://www.debian.org/security/...
DSA-5931-1 systemd - security update
Bulletin has no description...
ABB M2M Gateway Use-After-Free in embedded Systemd (CVE-2022-2526)
A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the...
CVE-2023-31439
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security...
CVE-2022-22704
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would in effect determine part of the configuration...
CVE-2022-25293
A systemd stack-based buffer overflow in WatchGuard Firebox and XTM appliances allows an authenticated remote attacker to potentially execute arbitrary code by initiating a firmware update with a malicious upgrade image. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8...
CVE-2021-23019
The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
DEBIAN-CVE-2025-5024
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer bei...
CVE-2015-8222
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssh (SUSE-SU-2025:01638-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01638-1 advisory. This update for openssh fixes the following issue: Security fixes: - CVE-2025-32728: Fixed logic error i...
Security update for openssh
This update for openssh fixes the following issue: Security fixes: CVE-2025-32728: Fixed logic error in DisableForwarding option bsc1241012 Other fixes: - Fix ssh client segfault with GSSAPIKeyExchange=yes in sshkex2 due to gssapi proposal not being correctly initialized bsc1236826. The problem...
SUSE-SU-2025:01638-1 Security update for openssh
This update for openssh fixes the following issue: Security fixes: - CVE-2025-32728: Fixed logic error in DisableForwarding option bsc1241012 Other fixes: - Fix ssh client segfault with GSSAPIKeyExchange=yes in sshkex2 due to gssapi proposal not being correctly initialized bsc1236826. The problem...
Alibaba Cloud Linux 3 : 0218: systemd (ALINUX3-SA-2022:0218)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0218 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33910: basic/unit-name.c in syste...
Alibaba Cloud Linux 3 : 0108: systemd (ALINUX3-SA-2023:0108)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0108 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-26604: systemd before 247 does not...
Alibaba Cloud Linux 3 : 0025: systemd (ALINUX3-SA-2023:0025)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0025 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-3821: An off-by-one Error issue was...
Alibaba Cloud Linux 3 : 0039: systemd (ALINUX3-SA-2022:0039)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0039 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3842: In systemd before v242-rc4,...