Package systemd updated to version 243-alt1 for branch sisyphus in task 237134.

Published: 2020-01-21

BDU:2020-05729

Уязвимость подсистемы инициализации и управления службами в Linux systemd, связанная с неосвобождением ресурса после истечения действительного срока его эксплуатации, позволяющая нарушителю вызвать отказ в обслуживаниии

Severity: LOW (2.4) Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-20386

Published: 2019-05-17
Modified: 2024-11-21

CVE-2018-20839

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

Published: 2020-01-21
Modified: 2024-11-21

CVE-2019-20386

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

Severity: LOW (2.4) Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References:

Version: 2.1.0

Package systemd update in sisyphus on 2019-09-05

ALT-PU-2019-2645-1

Closed vulnerabilities

BDU:2020-05729

CVE-2018-20839

CVE-2019-20386