Vulnerabilities > Systemd Project > Systemd > 234
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-11 | CVE-2018-16865 | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. | 7.8 |
2019-01-11 | CVE-2018-16864 | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. | 7.8 |
2019-01-11 | CVE-2018-16866 | An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. | 3.3 |
2018-10-26 | CVE-2018-15688 | Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. | 8.8 |
2018-10-26 | CVE-2018-15686 | Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. | 7.8 |
2018-02-13 | CVE-2018-6954 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. | 7.8 |
2018-01-29 | CVE-2017-18078 | Link Following vulnerability in multiple products systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks write access, as demonstrated by changing the ownership of the /etc/passwd file. | 7.8 |
2017-10-26 | CVE-2017-15908 | Infinite Loop vulnerability in multiple products In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | 7.5 |