Vulnerabilities > Systemd Project > Systemd > 208
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-11 | CVE-2018-16864 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. | 7.8 |
2018-10-26 | CVE-2018-15688 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. | 5.8 |
2018-10-26 | CVE-2018-15686 | Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. | 7.8 |
2018-02-16 | CVE-2018-1049 | Race Condition vulnerability in multiple products In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. | 4.3 |
2017-07-07 | CVE-2017-1000082 | Improper Privilege Management vulnerability in Systemd Project Systemd systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. | 10.0 |
2017-05-24 | CVE-2017-9217 | NULL Pointer Dereference vulnerability in Systemd Project Systemd systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. | 5.0 |
2013-10-28 | CVE-2013-4392 | Link Following vulnerability in Systemd Project Systemd systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | 3.3 |