[ASA-201901-4] systemd: multiple issues
Arch Linux Security Advisory ASA-201901-4
=========================================

Severity: Medium
Date    : 2019-01-08
CVE-ID  : CVE-2018-6954 CVE-2018-16866
Package : systemd
Type    : multiple issues
Remote  : No
Link    :

Summary
=======

The package systemd before version 240.0-3 is vulnerable to multiple
issues including arbitrary file overwrite and information disclosure.

Resolution
==========

Upgrade to 240.0-3.

# pacman -Syu "systemd>=240.0-3"

The problems have been fixed upstream in version 240.0.

Workaround
==========

None.

Description
===========

- CVE-2018-6954 (arbitrary file overwrite)

systemd-tmpfiles in systemd through 237 mishandles symlinks present in
non-terminal path components, which allows local users to obtain
ownership of arbitrary files via vectors involving creation of a
directory and a file under that directory, and later replacing that
directory with a symlink. This occurs even if the fs.protected_symlinks
sysctl is turned on.

- CVE-2018-16866 (information disclosure)

An out-of-bounds read has been found in the journald component of
systemd >= v221 and < v240, in the syslog_parse_identifier() function
in journald-syslog.c. A crafted syslog message whose last character is
':' can trigger this vulnerability to leak information about the
content of the memory.

Impact
======

A local attacker is able to obtain ownership of arbitrary files or
disclose information using a specially crafted syslog message.

References
==========
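
Added example for the CVE-2018-16866 description above (not part of the advisory and not systemd's code): a length-bounded parser for an "ident[pid]: text" syslog prefix that handles the case where ':' is the last byte of the message. The names parse_ident and struct syslog_ident, and the exact prefix grammar, are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Parsed "ident[pid]:" prefix; the slices point into the input buffer. */
struct syslog_ident {
    const char *ident; size_t ident_len;
    const char *pid;   size_t pid_len;
    size_t consumed;   /* bytes covered by the prefix, always <= len */
};

static int is_ws(char c) { return c == ' ' || c == '\t' || c == '\n' || c == '\r'; }

/* Returns 1 if a tag was found, 0 otherwise. Every index is checked
 * against len, so buf need not be NUL-terminated and buf[len] is never read. */
int parse_ident(const char *buf, size_t len, struct syslog_ident *out)
{
    size_t start = 0, end, tag_end;
    memset(out, 0, sizeof *out);

    while (start < len && is_ws(buf[start])) start++;
    end = start;
    while (end < len && !is_ws(buf[end])) end++;        /* first token */
    if (end == start || buf[end - 1] != ':') return 0;  /* must end in ':' */

    tag_end = end - 1;                                  /* index of ':' */
    out->ident = buf + start;
    out->ident_len = tag_end - start;

    /* Optional "[pid]" directly before the colon. */
    if (tag_end > start && buf[tag_end - 1] == ']') {
        size_t open = tag_end - 1;
        while (open > start && buf[open] != '[') open--;
        if (buf[open] == '[') {
            out->pid = buf + open + 1;
            out->pid_len = (tag_end - 1) - (open + 1);
            out->ident_len = open - start;
        }
    }

    /* Skip one separator after ':' only if that byte exists. When ':' is
     * the last byte, end == len and the parser stops exactly at the end. */
    if (end < len && is_ws(buf[end])) end++;
    out->consumed = end;
    return 1;
}
```

Tracking the remaining length explicitly, instead of relying on a terminating NUL, is what keeps the trailing-colon input from advancing past the end of the message.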