Filtered by vendor Systemd Project
Subscribe
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9445 | 1 Systemd Project | 1 Systemd | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it. | |||||
| CVE-2015-7510 | 1 Systemd Project | 1 Systemd | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd. | |||||
| CVE-2017-9217 | 1 Systemd Project | 1 Systemd | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. | |||||
| CVE-2017-15908 | 2 Canonical, Systemd Project | 2 Ubuntu Linux, Systemd | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in the dns_packet_read_type_window() function of the 'systemd-resolved' service and cause a DoS of the affected service. | |||||
| CVE-2016-10156 | 1 Systemd Project | 1 Systemd | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229. | |||||
| CVE-2016-7795 | 2 Canonical, Systemd Project | 2 Ubuntu Linux, Systemd | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. | |||||
| CVE-2016-7796 | 3 Novell, Redhat, Systemd Project | 9 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 6 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. | |||||