4 matches found
CVE-2025-4598
The CVE-2025-4598 entry concerns a race condition in systemd-coredump that can let a local attacker read a crashed SUID process’s core dump. Affected component is systemd and its coredump handling; root cause is a kill-and-replace race where the kernel recycles a PID before systemd-coredump can a...
CVE-2023-31437
Summary: CVE-2023-31437 affects systemd 253. An attacker could modify a sealed log file so that, in some views, not all existing and sealed log messages are displayed. The vendor reportedly denied this as a vulnerability. The connected sources (NVD, OSV entries) describe the issue but do not prov...
CVE-2023-31439
CVE-2023-31439 : Affects systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file so that integrity checking shows no error, despite modifications. The Initial Description notes the vendor replied denying that this finding is a security vulnera...
CVE-2023-31438
Mode C: Affected product: systemd 253. Issue: attacker can truncate a sealed log file and then resume log sealing to make integrity checks pass despite modifications. Connected Red Hat doc for CVE-2023-31438 repeats this description and notes the vendor’s reply denying that it is a security vulne...