Security News > 2019 > January > New Systemd Privilege Escalation Flaws Affect Most Linux Distributions
2019-01-10 12:33
Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the "systemd-journald" service
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/Me5q7V1edFQ/linux-systemd-exploit.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-11 | CVE-2018-16865 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. | 7.8 |
| 2019-01-11 | CVE-2018-16864 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. | 7.8 |
| 2019-01-11 | CVE-2018-16866 | Out-of-bounds Read vulnerability in multiple products An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. | 3.3 |