Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redosRedosROS-20240425-05
HistoryApr 25, 2024 - 12:00 a.m.

ROS-20240425-05

2024-04-2500:00:00
redos.red-soft.ru
11
systemd
vulnerability
access control
confidentiality
denial of service
kernel misconfiguration
buffer restart
dns
dnssec
remote attacker
authentication

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON

A vulnerability in the systemctl status command of the Systemd service initialization and management subsystem is related to
access control flaws. Exploitation of the vulnerability could allow an attacker to gain access to
confidential data, compromise its integrity, and cause a denial of service

A vulnerability in the systemd-coredump service of the Systemd daemon is related to kernel misconfiguration
fs.suid_dumpable. Exploitation of the vulnerability could allow an attacker to affect the
confidentiality of protected information

Vulnerability in the_timespan() function of the time-util.c function of the service initialization and management subsystem of the
Systemd is related to the fact that certain values for time and precision cause a buffer restart in the
format_timespan(). Exploitation of the vulnerability could allow an attacker acting remotely to cause a
denial of service

A vulnerability in the network connection and domain name resolution management service (DNS) systemd-resolved
is related to a flaw in authenticating messages from DNS clients. Exploitation of the vulnerability could
allow a remote attacker to modify DNSSEC-protected DNS records by sending specially crafted DNS queries.
specially crafted DNS queries

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64systemd<= 249.17-1UNKNOWN

Related

redhat 11
nessus 69
openvas 46
ibm 7
ubuntu 1
osv 14
cloudfoundry 1
cbl_mariner 5
nvd 3
veracode 3
oraclelinux 4
ubuntucve 2
packetstorm 1
rocky 3
cvelist 3
debiancve 3
debian 2
zdt 1
redhatcve 4
prion 3
almalinux 4
cve 3
amazon 2
fedora 2
mageia 2
redhat
redhat
(RHSA-2024:1105) Moderate: systemd security update
2024-03-05 10:44:55
(RHSA-2024:2062) Important: Service Telemetry Framework 1.5.4 security update
2024-04-25 14:24:52
(RHSA-2024:1210) Moderate: OpenShift Container Platform 4.15.2 bug fix and security update
2024-03-13 15:28:38
nessus
nessus
SUSE SLES12 Security Update : systemd (SUSE-SU-2023:1776-1)
2023-04-06 00:00:00
RHEL 8 : systemd (RHSA-2024:1105)
2024-03-05 00:00:00
EulerOS 2.0 SP9 : systemd (EulerOS-SA-2023-1880)
2023-05-13 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:1776-1)
2023-04-06 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2023-2027)
2023-06-01 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2023-1855)
2023-05-10 00:00:00
ibm
ibm
Security Bulletin: Multiple security vulnerabilities in systemd may affect IBM Storage Scale System
2023-12-12 11:47:26
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to systemd denial of service and information disclosure vulnerabilities( CVE-2022-3821, CVE-2022-4415)
2023-07-06 17:14:33
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to privilege elevation due to [CVE-2023-26604]
2023-07-27 15:46:32
ubuntu
ubuntu
systemd vulnerabilities
2023-03-07 00:00:00
osv
osv
systemd vulnerabilities
2023-03-07 07:35:51
Moderate: systemd security and bug fix update
2023-08-31 16:54:20
Moderate: systemd security and bug fix update
2023-06-27 00:00:00
cloudfoundry
cloudfoundry
USN-5928-1: systemd vulnerabilities | Cloud Foundry
2023-04-20 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-26604 affecting package systemd 239-43
2023-04-20 19:17:28
CVE-2022-3821 affecting package systemd for versions less than 250.3-10
2022-12-09 00:19:56
CVE-2022-3821 affecting package systemd 239-42
2022-12-06 23:44:35
nvd
nvd
CVE-2023-26604
2023-03-03 16:15:10
CVE-2022-3821
2022-11-08 22:15:16
CVE-2022-4415
2023-01-11 15:15:09
veracode
veracode
Privilege Escalation
2023-03-09 21:02:25
Information Disclosure
2023-03-07 00:47:40
Denial Of Service (DoS)
2022-11-16 17:05:30
oraclelinux
oraclelinux
systemd security and bug fix update
2023-07-20 00:00:00
systemd security update
2024-05-03 00:00:00
systemd security and bug fix update
2023-01-14 00:00:00
ubuntucve
ubuntucve
CVE-2023-26604
2023-03-03 00:00:00
CVE-2022-3821
2022-11-08 00:00:00
packetstorm
packetstorm
systemd 246 Local Root Privilege Escalation
2023-08-11 00:00:00
rocky
rocky
systemd security and bug fix update
2023-08-31 16:54:20
systemd security update
2023-01-23 14:30:26
systemd security and bug fix update
2023-02-22 01:08:44
cvelist
cvelist
CVE-2023-26604
2023-03-03 00:00:00
CVE-2022-3821
2022-11-08 00:00:00
CVE-2022-4415
2023-01-11 00:00:00
debiancve
debiancve
CVE-2023-26604
2023-03-03 16:15:10
CVE-2022-3821
2022-11-08 22:15:16
CVE-2022-4415
2023-01-11 15:15:09
debian
debian
[SECURITY] [DLA 3377-1] systemd security update
2023-03-31 20:56:09
[SECURITY] [DLA 3474-1] systemd security update
2023-06-29 20:57:16
zdt
zdt
systemd 246 - Local Privilege Escalation Vulnerability
2023-08-10 00:00:00
redhatcve
redhatcve
CVE-2023-26604
2023-03-06 06:59:19
CVE-2022-4415
2022-12-21 12:35:56
CVE-2022-3821
2022-11-02 09:55:56
prion
prion
Design/Logic Flaw
2023-03-03 16:15:00
Buffer overflow
2022-11-08 22:15:00
Design/Logic Flaw
2023-01-11 15:15:00
almalinux
almalinux
Moderate: systemd security and bug fix update
2023-06-27 00:00:00
Moderate: systemd security and bug fix update
2023-02-21 00:00:00
Moderate: systemd security and bug fix update
2023-01-12 00:00:00
cve
cve
CVE-2023-26604
2023-03-03 16:15:10
CVE-2022-4415
2023-01-11 15:15:09
CVE-2022-3821
2022-11-08 22:15:16
amazon
amazon
Important: systemd
2023-03-30 18:55:00
Medium: systemd
2022-12-01 20:32:00
fedora
fedora
[SECURITY] Fedora 37 Update: systemd-251.10-588.fc37
2022-12-23 01:21:15
[SECURITY] Fedora 35 Update: systemd-249.13-6.fc35
2022-11-20 01:34:55
mageia
mageia
Updated systemd packages fix security vulnerability
2023-07-07 08:54:45
Updated systemd packages fix security vulnerability
2022-11-17 23:45:15

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON
Related for ROS-20240425-05
redhat11nessus69openvas46ibm7ubuntu1osv14cloudfoundry1cbl_mariner5nvd3veracode3oraclelinux4ubuntucve2packetstorm1rocky3cvelist3debiancve3debian2zdt1redhatcve4prion3almalinux4cve3amazon2fedora2mageia2