libsystemd.so is vulnerable to denial of service. The vulnerability exists in parse_elf_object
function of elf-util.c
due to a systemd-coredump deadlock which allows an attacker to cause an application crash by providing malicious input.
github.com/advisories/GHSA-3w8w-mhj7-j5rc
github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437
github.com/systemd/systemd/pull/24853#issuecomment-1326561497
github.com/systemd/systemd/pull/25055
github.com/systemd/systemd/pull/25055#issuecomment-1313733553
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/
lists.fedoraproject.org/archives/list/[email protected]/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/