Latest Systemd project Vulnerabilities

Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes
Systemd Project Systemd=25
Debian Debian Linux=8.0
Debian Debian Linux=9.0
redhat/systemd<25
** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor repor...
Systemd Project Systemd=253
** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NO...
Systemd Project Systemd=253
** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error,...
Systemd Project Systemd=253
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specificall...
Systemd Project Systemd<247
redhat/systemd<247
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
Systemd Project Systemd>=246<253
systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation me...
Systemd Project Systemd>=250<=251
Systemd Project Systemd=252-rc1
Systemd Project Systemd=252-rc2
Fedoraproject Fedora=36
redhat/systemd<252
An off-by-one error was discovered in systemd in the format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that lead to a buffer overrun in format_...
Systemd Project Systemd<=251
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Fedoraproject Fedora=35
redhat/systemd<251
redhat/systemd<252
systemd could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw due to the on_stream_io() function and dns_stream_complete() function in "resolved-dns-st...
redhat/systemd<0:219-78.el7_9.7
redhat/systemd<0:239-58.el8_6.4
redhat/systemd<0:239-18.el8_1.11
redhat/systemd<0:239-31.el8_2.9
redhat/systemd<0:239-45.el8_4.12
IBM Security Guardium<=11.3
and 13 more
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
Systemd Project Systemd>=240<250.2
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 2 more
Systemd is vulnerable to a denial of service, caused by a memory allocation with an excessive size value in basic/unit-name.c. By sending a specially-crafted request, a local attacker could exploit th...
redhat/systemd<249
redhat/systemd<0:239-45.el8_4.2
redhat/systemd<0:239-18.el8_1.8
redhat/systemd<0:239-31.el8_2.4
redhat/redhat-virtualization-host<0:4.4.7-20210715.1.el8_4
Systemd Project Systemd<246.15
and 12 more
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing atta...
Systemd Project Systemd=245
Fedoraproject Fedora=33
Netapp Active Iq Unified Manager Vsphere
Netapp Cloud Backup
systemd could allow a local authenticated attacker to gain elevated privileges on the system, caused by the mishandling of numerical usernames. By sending a specially-crafted request, an attacker coul...
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
Systemd Project Systemd<=245
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Solidfire & Hci Management Node
and 1 more
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse ...
redhat/systemd<245
Systemd Project Systemd<=244
Redhat Ceph Storage=4.0
Redhat Discovery
Redhat Migration Toolkit=1.0
Redhat Openshift Container Platform=4.0
and 15 more
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
ubuntu/systemd<237-3ubuntu10.38
ubuntu/systemd<242-7ubuntu3.6
ubuntu/systemd<243-5
ubuntu/systemd<229-4ubuntu21.27
Systemd Project Systemd<243
Canonical Ubuntu Linux=16.04
and 8 more
** DISPUTED ** systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation...
Systemd Project Systemd>=239<244
Fedoraproject Fedora=31
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access ...
redhat/systemd<0:239-18.el8
Systemd Project Systemd=240
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Openshift Container Platform=4.1
and 24 more
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occ...
Systemd Project Systemd=242
Netapp Cn1610 Firmware
Netapp Cn1610
Netapp Snapprotect
IBM Cloud Pak for Business Automation
systemd could allow a local authenticated attacker to gain elevated privileges on the system, caused by the failure to properly sanitize the environment before using the XDG_SEAT variable by pam_syste...
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
Systemd Project Systemd<=241
Systemd Project Systemd=242-rc1
Systemd Project Systemd=242-rc2
and 4 more
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transie...
Systemd Project Systemd<242
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
Netapp Snapprotect
and 8 more
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated...
Systemd Project Systemd<242
Fedoraproject Fedora=30
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
and 9 more
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D...
Systemd Project Systemd=239
openSUSE Leap=15.0
Netapp Active Iq Performance Analytics Services
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Fedoraproject Fedora=29
and 53 more
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service f...
Systemd Project Systemd<237
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Redhat Enterprise Linux=7.0
Netapp Active Iq Performance Analytics Services
and 5 more
A flaw was found in systemd-journald. An out-of-bounds read when parsing a crafted syslog message could lead to information disclosure.
Systemd Project Systemd>=221<=239
Debian Debian Linux=9.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Netapp Active Iq Performance Analytics Services
and 25 more
A flaw was found in systemd-journald. An uncontrolled alloca() by writing a crafted message to /run/systemd/journal/socket that results in a stack buffer overflow. This can lead to a denial of service...
Systemd Project Systemd<=240
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.3
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.5
and 19 more
A flaw was found in systemd-journald. A stack buffer overflow when passing several MB of arguments to a program calling syslog function. This can lead to a denial of service attack or arbitrary code e...
Systemd Project Systemd<=240
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server=7.4
Redhat Enterprise Linux Server=7.5
Redhat Enterprise Linux Server=7.6
and 22 more
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Systemd Project Systemd>=235<240
ubuntu/systemd<229-4ubuntu21.8
ubuntu/systemd<237-3ubuntu10.6
and 2 more
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and...
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Debian Debian Linux=8.0
Systemd Project Systemd<=239
Oracle Communications Cloud Native Core Network Function Cloud Native Environment=1.4.0
and 4 more
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including...
Systemd Project Systemd<=239
Debian Debian Linux=8.0
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Redhat Enterprise Linux Desktop=7.0
and 13 more
