Vulnerabilities > Systemd Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-13 | CVE-2018-6954 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. | 7.8 |
| 2018-01-29 | CVE-2017-18078 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file. | 7.8 |
| 2017-10-26 | CVE-2017-15908 | Infinite Loop vulnerability in multiple products In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | 7.5 |
| 2017-06-28 | CVE-2017-9445 | Out-of-bounds Write vulnerability in Systemd Project Systemd In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. | 7.5 |
| 2017-05-24 | CVE-2017-9217 | NULL Pointer Dereference vulnerability in Systemd Project Systemd systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. | 7.5 |
| 2017-01-23 | CVE-2016-10156 | Permissions, Privileges, and Access Controls vulnerability in Systemd Project Systemd 228 A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. | 7.8 |