An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ‘:’. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html
seclists.org/fulldisclosure/2019/May/21
www.openwall.com/lists/oss-security/2019/05/10/4
www.securityfocus.com/bid/106527
access.redhat.com/errata/RHSA-2019:2091
access.redhat.com/errata/RHSA-2019:3222
access.redhat.com/errata/RHSA-2020:0593
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16866
seclists.org/bugtraq/2019/May/25
security.gentoo.org/glsa/201903-07
security.netapp.com/advisory/ntap-20190117-0001/
usn.ubuntu.com/3855-1/
www.debian.org/security/2019/dsa-4367
www.qualys.com/2019/01/09/system-down/system-down.txt