systemd

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description system and service manager
Version 238.133-4 [core]

Open

Group Affected Fixed Severity Status Ticket
AVG-615 237.0-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2018-6954 AVG-615 Medium No Arbitrary file overwrite
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-621 236.0-1 237.0-1 High Fixed
AVG-337 232-8 233-7 Medium Fixed
AVG-329 232-8 233-6 Critical Fixed FS#54619
AVG-38 231-1 231-2 High Fixed FS#51035
Issue Group Severity Remote Type Description
CVE-2017-9445 AVG-329 Critical Yes Arbitrary code execution
An out-of-bounds write was discovered in systemd-resolved when handling specially crafted DNS responses. A remote attacker could potentially exploit this to...
CVE-2017-9217 AVG-337 Medium Yes Denial of service
A security issue has been found in systemd-resolved, allowing a remote attacker to cause a denial of service (daemon crash via NULL-pointer dereference) via...
CVE-2017-18078 AVG-621 High No Access restriction bypass
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is...
CVE-2016-7795 AVG-38 High No Denial of service
systemd fails an assertion in manager_invoke_notify_message when a zero-length message is received over its notification socket. After failing the...

Advisories

Date Advisory Group Severity Description
04 Jul 2017 ASA-201707-5 AVG-337 Medium denial of service
03 Jul 2017 ASA-201707-2 AVG-329 Critical arbitrary code execution
04 Oct 2016 ASA-201610-2 AVG-38 High denial of service