AVG-615

Package systemd
Status Fixed
Severity Medium
Type multiple issues
Affected 239.2-1
Fixed 240.0-3
Current 242.84-2 [core]
Ticket None
Created Thu Feb 15 22:17:57 2018
Issue Severity Remote Type Description
CVE-2018-16866 Medium No Information disclosure
An out-of-bounds read has been found in the journald component of systemd >= v221 and < v240, in the syslog_parse_identifier() function in...
CVE-2018-6954 Medium No Arbitrary file overwrite
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of...
Date Advisory Package Description
08 Jan 2019 ASA-201901-4 systemd multiple issues
Notes
Looks like the real fix for this issue has been merged and will make it to 240 (https://github.com/systemd/systemd/pull/8822).