Red Hat Security Advisory 2019-2402-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Stack overflow vulnerabilities have been addressed.
acea42bd46edaf2078173eb391f758e7695ba32e4216ac70d687b67255ff6bae
This is the systemd-journald exploit produced by Qualys that demonstrates the vulnerabilities as highlighted in CVE-2018-16865 and CVE-2018-16866.
d1b7894dd26a8b8f09a1ab5daecbd7e72976370c01e517c417e68ce0cbf49297
Gentoo Linux Security Advisory 201903-7 - Multiple vulnerabilities have been found in systemd, the worst of which may allow execution of arbitrary code. Versions less than 239-r4 are affected.
2460a4ff120455c4fb22e6a4569df946a8636e43beb21599764d129ef5f68aad
Red Hat Security Advisory 2019-0361-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include stack overflow vulnerabilities.
a5a8677c8603e96cdd87eb005aaaf0c1f9ed17b0b6b3a027414690708ca0df13
Red Hat Security Advisory 2019-0342-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include stack overflow vulnerabilities.
5592009185b8f2475f7dbf638898a17554a141582bcb0a280f2b2ccb019188a1
Red Hat Security Advisory 2019-0271-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.
ff905303c6db54649d5fbd7e6c6d3027bf65a74efe6d252c36eae5d30cb0db93
Red Hat Security Advisory 2019-0204-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a stack overflow vulnerability.
6fcd5d14a723cf02465650b3333098f9f2c57140c8be2ebe89550de8bb349677
Red Hat Security Advisory 2019-0049-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include an out-of-bounds heap write and stack overflows.
192c49fe3acc8444a71a8d0209cd1bf76aca4a4c7da8f91752ffbfe5a807a352
Debian Linux Security Advisory 4367-1 - The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled alloca()s (CVE-2018-16864, CVE-2018-16865) and an out-of-bounds read flaw leading to an information leak (CVE-2018-16866), could allow an attacker to cause a denial of service or the execution of arbitrary code.
f1905ee4f2f177d9148c8dde2b87c29cde068f90652dff3c397a9679c408cf42
Ubuntu Security Notice 3855-1 - It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. It was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
313129e580e1a6c997a4d40ecc4c3d8bc4808c5924d9fa90ca3eaf9e11f94bd2
This is a thorough analysis of how Qualys approached exploiting three vulnerabilities in systemd-journald. Although they have not released formal exploits yet, the detail in here is useful in understanding the flaws.
19a689d664d755e0625285bb3e35b7cb5791449a424da89709b8ef0bf6fdcb91