ALT-PU-2022-2566-1
Closed vulnerabilities
Published: 2022-08-23
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3997
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- https://access.redhat.com/security/cve/CVE-2021-3997
- https://access.redhat.com/security/cve/CVE-2021-3997
- https://bugzilla.redhat.com/show_bug.cgi?id=2024639
- https://bugzilla.redhat.com/show_bug.cgi?id=2024639
- https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1
- https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1
- GLSA-202305-15
- GLSA-202305-15
- https://www.openwall.com/lists/oss-security/2022/01/10/2
- https://www.openwall.com/lists/oss-security/2022/01/10/2
Published: 2022-11-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-3821
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2139327
- https://bugzilla.redhat.com/show_bug.cgi?id=2139327
- https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
- https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
- https://github.com/systemd/systemd/issues/23928
- https://github.com/systemd/systemd/issues/23928
- https://github.com/systemd/systemd/pull/23933
- https://github.com/systemd/systemd/pull/23933
- [debian-lts-announce] 20230629 [SECURITY] [DLA 3474-1] systemd security update
- [debian-lts-announce] 20230629 [SECURITY] [DLA 3474-1] systemd security update
- FEDORA-2022-8ac4104a02
- FEDORA-2022-8ac4104a02
- GLSA-202305-15
- GLSA-202305-15
Closed bugs
Есть правило для неизвестной группы sgx