AVG-789

Package systemd
Status Fixed
Severity Critical
Type multiple issues
Affected 239.2-1
Fixed 239.300-1
Current 239.303-1 [core]
Ticket FS#60609
Created Fri Oct 26 06:50:37 2018
Issue Severity Remote Type Description
CVE-2018-15688 Critical Yes Arbitrary code execution
An out-of-bounds write has been found in the dhcpv6 option handing code of systemd-networkd up to and including v239.

It was discovered that...
CVE-2018-15687 High No Privilege escalation
A security issue has been found in systemd up to and including 239, where a race condition in the chown_one() function can be used to escalate privileges...
CVE-2018-15686 High No Privilege escalation
A security issue has been found in systemd up to and including 239, where the use of fgets() allows an attacker to escalate privilege via a crafted service...
Date Advisory Package Description
07 Nov 2018 ASA-201811-11 systemd multiple issues