First published: Mon Feb 18 2019(Updated: )
It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service (kernel panic).
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libsystemd0 | <239-7ubuntu10.8 | 239-7ubuntu10.8 |
=18.10 | ||
All of | ||
ubuntu/systemd | <239-7ubuntu10.8 | 239-7ubuntu10.8 |
=18.10 | ||
All of | ||
ubuntu/libsystemd0 | <237-3ubuntu10.13 | 237-3ubuntu10.13 |
=18.04 | ||
All of | ||
ubuntu/systemd | <237-3ubuntu10.13 | 237-3ubuntu10.13 |
=18.04 | ||
All of | ||
ubuntu/libsystemd0 | <229-4ubuntu21.16 | 229-4ubuntu21.16 |
=16.04 | ||
All of | ||
ubuntu/systemd | <229-4ubuntu21.16 | 229-4ubuntu21.16 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this systemd vulnerability is USN-3891-1.
The severity level of USN-3891-1 is not provided.
The affected software versions are libsystemd0 version 239-7ubuntu10.8 on Ubuntu 18.10, systemd version 239-7ubuntu10.8 on Ubuntu 18.10, libsystemd0 version 237-3ubuntu10.13 on Ubuntu 18.04, systemd version 237-3ubuntu10.13 on Ubuntu 18.04, libsystemd0 version 229-4ubuntu21.16 on Ubuntu 16.04, and systemd version 229-4ubuntu21.16 on Ubuntu 16.04.
This vulnerability can be exploited by a local unprivileged attacker to crash the init process, resulting in a system denial-of-service (kernel panic).
To fix USN-3891-1, you should update the affected software packages to the specified fixed versions.