CVE-2013-4391: Integer Overflow
First published: Thu Sep 20 2012(Updated: )
An integer overflow, leading to heap-based buffer overflow flaw was found in the way journald functionality of systemd, a system and service manager, processed native messages. A local attacker could provide a specially-crafted packet that when processed by systemd would lead to systemd daemon crash or, potentially, arbitrary code execution with the privileges of the user running the daemon. Issue found by Florian Weimer, Red Hat Product Security Team Upstream patch: [1] <a href="http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e">http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Systemd Project Systemd | <190 | |
| Debian Debian Linux | =7.0 |
Remedy
http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
- http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
- http://www.debian.org/security/2013/dsa-2777
- http://www.openwall.com/lists/oss-security/2013/10/01/9
- https://bugzilla.redhat.com/show_bug.cgi?id=859051
- https://security.gentoo.org/glsa/201612-34
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-4391
- vendor/systemd project
- canonical/systemd project systemd
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0