Lucene search

DebianDEBIAN:DLA-1639-1:E2273

HistoryJan 23, 2019 - 4:26 a.m.

[SECURITY] [DLA 1639-1] systemd security update

2019-01-2304:26:20

lists.debian.org

269

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.2

Confidence

Low

EPSS

Percentile

10.1%

JSON

Package : systemd
Version : 215-17+deb8u9
CVE ID : CVE-2018-16864 CVE-2018-16865
Debian Bug : 918841 918848

Multiple vulnerabilities were found in the journald component of
systemd which can lead to a crash or code execution.

CVE-2018-16864

An allocation of memory without limits, that could result in the
stack clashing with another memory region, was discovered in
systemd-journald when many entries are sent to the journal
socket. A local attacker, or a remote one if
systemd-journal-remote is used, may use this flaw to crash
systemd-journald or execute code with journald privileges.

CVE-2018-16865

An allocation of memory without limits, that could result in the
stack clashing with another memory region, was discovered in
systemd-journald when a program with long command line arguments
calls syslog. A local attacker may use this flaw to crash
systemd-journald or escalate his privileges. Versions through v240
are vulnerable.

For Debian 8 "Jessie", these problems have been fixed in version
215-17+deb8u9.

We recommend that you upgrade your systemd packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian9armellibnss-myhostname< 232-25+deb9u7libnss-myhostname_232-25+deb9u7_armel.deb
Debian9mipsellibudev1-dbgsym< 232-25+deb9u7libudev1-dbgsym_232-25+deb9u7_mipsel.deb
Debian8armellibsystemd-dev< 215-17+deb8u9libsystemd-dev_215-17+deb8u9_armel.deb
Debian9mipslibudev-dev< 232-25+deb9u7libudev-dev_232-25+deb9u7_mips.deb
Debian9armelsystemd-journal-remote< 232-25+deb9u7systemd-journal-remote_232-25+deb9u7_armel.deb
Debian8armhflibsystemd0< 215-17+deb8u9libsystemd0_215-17+deb8u9_armhf.deb
Debian9ppc64ellibsystemd-dev-dbgsym< 232-25+deb9u7libsystemd-dev-dbgsym_232-25+deb9u7_ppc64el.deb
Debian9mipsellibsystemd0-dbgsym< 232-25+deb9u7libsystemd0-dbgsym_232-25+deb9u7_mipsel.deb
Debian9arm64libnss-myhostname< 232-25+deb9u7libnss-myhostname_232-25+deb9u7_arm64.deb
Debian9armhflibudev1-dbgsym< 232-25+deb9u7libudev1-dbgsym_232-25+deb9u7_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	armel	libnss-myhostname	< 232-25+deb9u7	libnss-myhostname_232-25+deb9u7_armel.deb
Debian	9	mipsel	libudev1-dbgsym	< 232-25+deb9u7	libudev1-dbgsym_232-25+deb9u7_mipsel.deb
Debian	8	armel	libsystemd-dev	< 215-17+deb8u9	libsystemd-dev_215-17+deb8u9_armel.deb
Debian	9	mips	libudev-dev	< 232-25+deb9u7	libudev-dev_232-25+deb9u7_mips.deb
Debian	9	armel	systemd-journal-remote	< 232-25+deb9u7	systemd-journal-remote_232-25+deb9u7_armel.deb
Debian	8	armhf	libsystemd0	< 215-17+deb8u9	libsystemd0_215-17+deb8u9_armhf.deb
Debian	9	ppc64el	libsystemd-dev-dbgsym	< 232-25+deb9u7	libsystemd-dev-dbgsym_232-25+deb9u7_ppc64el.deb
Debian	9	mipsel	libsystemd0-dbgsym	< 232-25+deb9u7	libsystemd0-dbgsym_232-25+deb9u7_mipsel.deb
Debian	9	arm64	libnss-myhostname	< 232-25+deb9u7	libnss-myhostname_232-25+deb9u7_arm64.deb
Debian	9	armhf	libudev1-dbgsym	< 232-25+deb9u7	libudev1-dbgsym_232-25+deb9u7_armhf.deb