CVE-2016-7795 log

Severity High
Remote No
Type Denial of service
systemd fails an assertion in manager_invoke_notify_message when a zero-length message is received over its notification socket. After failing the assertion, PID 1 hangs in the pause system call. It is no longer possible to start and stop daemons or cleanly reboot the system. Inetd-style services managed by systemd no longer accept connections.
Since the notification socket, /run/systemd/notify, is world-writable, this allows a local user to perform a denial-of-service attack against systemd.
    NOTIFY_SOCKET=/run/systemd/notify systemd-notify ""
Group Package Affected Fixed Severity Status Ticket
AVG-38 systemd 231-1 231-2 High Fixed FS#51035
Date Advisory Group Package Severity Type
04 Oct 2016 ASA-201610-2 AVG-38 systemd High denial of service
This vulnerability is present in all versions of systemd since at least v209.