Search CVE reports
1 – 10 of 50 results
CVE-2023-7008
Low prioritySome fixes available 2 of 9
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | Fixed | Vulnerable | Vulnerable | Needs evaluation | Needs evaluation |
CVE-2023-31439
Medium priority** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE:...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Not affected | Not affected | Not affected | Not affected |
CVE-2023-31438
Medium priority** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Not affected | Not affected | Not affected | Not affected |
CVE-2023-31437
Medium priority** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Not affected | Not affected | Not affected | Not affected |
CVE-2023-26604
Low prioritysystemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | Not affected | Not affected | Vulnerable | Vulnerable | Needs evaluation |
CVE-2022-4415
Medium prioritySome fixes available 3 of 5
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Fixed | Fixed | Ignored | Ignored |
CVE-2022-45873
Medium prioritysystemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-3821
Medium priorityAn off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Fixed | Fixed | Fixed | Fixed |
CVE-2022-2526
Medium priorityA use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream...
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | Not affected | Not affected | Fixed | Not affected |
CVE-2021-3997
Medium prioritySome fixes available 3 of 6
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
1 affected package
systemd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
systemd | — | — | Fixed | Ignored | Ignored |