CVE-2021-33910 |
AVG-2179 |
Medium |
No |
Denial of service |
A denial of service security issue has been found in systemd before version 249.1. A local attacker who is able to mount a filesystem with a very long path... |
CVE-2020-13529 |
AVG-1935 |
Low |
Yes |
Denial of service |
An exploitable denial-of-service vulnerability exists in systemd- networkd before version 249. A maliciously crafted DHCP FORCERENEW packet can cause a... |
CVE-2020-1712 |
AVG-1094 |
High |
No |
Privilege escalation |
A heap use-after-free vulnerability was found in systemd before version 244.2, where asynchronous Polkit queries are performed while handling dbus messages.... |
CVE-2019-15718 |
AVG-1035 |
Medium |
No |
Access restriction bypass |
An improper authorization flaw was discovered in systemd-resolved before v234 in the way it configures the exposed DBus interface org.freedesktop.resolve1.... |
CVE-2019-6454 |
AVG-906 |
High |
No |
Denial of service |
It was found that bus_process_object() in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the... |
CVE-2018-16866 |
AVG-615 |
Medium |
No |
Information disclosure |
An out-of-bounds read has been found in the journald component of systemd >= v221 and < v240, in the syslog_parse_identifier() function in... |
CVE-2018-16865 |
AVG-845 |
High |
No |
Arbitrary code execution |
A memory corruption vulnerability has been found in the journald component of systemd >= v201 and <= v240, in the journal_file_append_entry() function.... |
CVE-2018-16864 |
AVG-845 |
High |
No |
Arbitrary code execution |
A memory corruption vulnerability has been found in the journald component of systemd >= v230 and <= v240, in the set_iovec_field() function. Passing... |
CVE-2018-15688 |
AVG-789 |
Critical |
Yes |
Arbitrary code execution |
An out-of-bounds write has been found in the dhcpv6 option handing code of systemd-networkd up to and including v239. It was discovered that... |
CVE-2018-15687 |
AVG-789 |
High |
No |
Privilege escalation |
A security issue has been found in systemd up to and including 239, where a race condition in the chown_one() function can be used to escalate privileges... |
CVE-2018-15686 |
AVG-789 |
High |
No |
Privilege escalation |
A security issue has been found in systemd up to and including 239, where the use of fgets() allows an attacker to escalate privilege via a crafted service... |
CVE-2018-6954 |
AVG-615 |
Medium |
No |
Arbitrary file overwrite |
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of... |
CVE-2017-18078 |
AVG-621 |
High |
No |
Access restriction bypass |
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is... |
CVE-2017-9445 |
AVG-329 |
Critical |
Yes |
Arbitrary code execution |
An out-of-bounds write was discovered in systemd-resolved when handling specially crafted DNS responses. A remote attacker could potentially exploit this to... |
CVE-2017-9217 |
AVG-337 |
Medium |
Yes |
Denial of service |
A security issue has been found in systemd-resolved, allowing a remote attacker to cause a denial of service (daemon crash via NULL-pointer dereference) via... |
CVE-2016-7795 |
AVG-38 |
High |
No |
Denial of service |
systemd fails an assertion in manager_invoke_notify_message when a zero-length message is received over its notification socket. After failing the... |