MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
systemd-journald
Search

A set of systemd-journald exploits

Thursday January 10, 2019. 04:42 PM , from LWN.net
Qualys has sent out a security advisory describing three stack-overrun
vulnerabilities in systemd-journald. 'We developed an exploit for CVE-2018-16865 and CVE-2018-16866 that
obtains a local root shell in 10 minutes on i386 and 70 minutes on
amd64, on average. We will publish our exploit in the near future.

To the best of our knowledge, all systemd-based Linux distributions are
vulnerable, but SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora
28 and 29 are not exploitable because their user space is compiled with
GCC's -fstack-clash-protection.'
https://lwn.net/Articles/776404/rss

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2019 Zicos / 440Network
Current Date
Mar, Thu 21 - 05:29 CET