ALT-PU-2018-1110-1
Closed vulnerabilities
BDU:2020-04524
Уязвимость программы systemd-tmpfiles демона Systemd, позволяющая нарушителю обойти существующие ограничения доступа и раскрыть защищаемую информацию
Modified: 2024-11-21
CVE-2017-15908
In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service.
Modified: 2024-11-21
CVE-2017-18078
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file.
- openSUSE-SU-2018:0560
- openSUSE-SU-2018:0560
- http://packetstormsecurity.com/files/146184/systemd-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/146184/systemd-Local-Privilege-Escalation.html
- [oss-security] 20180129 CVE-2018-18078: systemd-tmpfiles root privilege escalation with fs.protected_hardlinks=0
- [oss-security] 20180129 CVE-2018-18078: systemd-tmpfiles root privilege escalation with fs.protected_hardlinks=0
- https://github.com/systemd/systemd/issues/7736
- https://github.com/systemd/systemd/issues/7736
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [debian-lts-announce] 20190424 [SECURITY] [DLA 1762-1] systemd security update
- [debian-lts-announce] 20190424 [SECURITY] [DLA 1762-1] systemd security update
- 43935
- 43935
- [oss-security] 20180129 Re: CVE-2017-18078: systemd-tmpfiles root privilege
- [oss-security] 20180129 Re: CVE-2017-18078: systemd-tmpfiles root privilege
Modified: 2024-11-21
CVE-2018-16888
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
- RHSA-2019:2091
- RHSA-2019:2091
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888
- [cassandra-user] 20190809 cassandra does not start with new systemd version
- [cassandra-user] 20190809 cassandra does not start with new systemd version
- https://security.netapp.com/advisory/ntap-20190307-0007/
- https://security.netapp.com/advisory/ntap-20190307-0007/
- USN-4269-1
- USN-4269-1