Lucene search
UbuntuUSN-5583-1HistoryAug 29, 2022 - 12:00 a.m.
systemd vulnerability
2022-08-2900:00:00
ubuntu.com
35
ubuntu
systemd
user-after-free
vulnerability
dns
crash
arbitrary code
cve-2022-2526
esm
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.7%
Releases
- Ubuntu 18.04 ESM
Packages
- systemd - system and service manager
Details
It was discovered that systemd incorrectly handled certain DNS requests,
which leads to user-after-free vulnerability. An attacker could possibly use
this issue to cause a crash or execute arbitrary code. (CVE-2022-2526)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 18.04 | noarch | systemd | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-myhostname | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-myhostname-dbgsym | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-mymachines | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-mymachines-dbgsym | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-resolve | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-resolve-dbgsym | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-systemd | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libnss-systemd-dbgsym | < 237-3ubuntu10.54 | UNKNOWN |
| Ubuntu | 18.04 | noarch | libpam-systemd | < 237-3ubuntu10.54 | UNKNOWN |
References
Related
redhat
redhat
(RHSA-2022:6163) Important: systemd security update
2022-08-24 15:26:30
(RHSA-2022:6162) Important: systemd security update
2022-08-24 15:21:11
(RHSA-2022:6206) Important: systemd security update
2022-08-29 15:56:37
ubuntucve
ubuntucve
CVE-2022-2526
2022-08-24 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : systemd regression (USN-5583-2)
2022-09-14 00:00:00
CentOS 7 : systemd (CESA-2022:6160)
2022-09-01 00:00:00
RHEL 8 : systemd (RHSA-2022:6206)
2022-08-30 00:00:00
ubuntu
ubuntu
systemd regression
2022-09-14 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in systemd (CVE-2022-2526)
2023-03-31 16:54:28
Security Bulletin: systemd vulnerability may affect IBM Elastic Storage System (CVE-2021-4203)
2022-12-12 09:37:59
Security Bulletin: Multiple Vulnerabilities in base image packages
2022-10-07 20:52:32
redhatcve
redhatcve
CVE-2022-2526
2022-08-19 13:38:44
osv
osv
systemd vulnerability
2022-08-29 08:54:00
Important: systemd security update
2022-08-29 00:00:00
CVE-2022-2526
2022-09-09 15:15:10
cloudfoundry
cloudfoundry
USN-5583-1: systemd vulnerability | Cloud Foundry
2022-09-29 00:00:00
USN-5583-2: systemd regression | Cloud Foundry
2022-09-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5583-1)
2022-08-31 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2023-1698)
2023-05-08 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2022-2450)
2022-10-10 00:00:00
cvelist
cvelist
CVE-2022-2526
2022-09-09 00:00:00
f5
f5
K000132680 : systemd vulnerability CVE-2022-2526
2023-02-21 00:00:00
rocky
rocky
systemd security update
2022-08-29 15:56:37
centos
centos
libgudev1, systemd security update
2022-09-01 22:04:07
cve
cve
CVE-2022-2526
2022-09-09 15:15:10
oraclelinux
oraclelinux
systemd security update
2022-08-25 00:00:00
systemd security update
2022-08-29 00:00:00
nvd
nvd
CVE-2022-2526
2022-09-09 15:15:10
prion
prion
Design/Logic Flaw
2022-09-09 15:15:00
almalinux
almalinux
Important: systemd security update
2022-08-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-10-05 22:31:55
redos
redos
ROS-20240403-04
2024-04-03 00:00:00
debiancve
debiancve
CVE-2022-2526
2022-09-09 15:15:10
photon
photon
Critical Photon OS Security Update - PHSA-2022-3.0-0456
2022-09-21 00:00:00
amazon
amazon
Important: systemd
2022-09-30 07:04:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.7%
Related for USN-5583-1