vulnerability

Debian: CVE-2018-16865: systemd -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jan 9, 2019	Jan 14, 2019	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jan 9, 2019

Added

Jan 14, 2019

Modified

Mar 30, 2026

Description

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

Solution

debian-upgrade-systemd

References

CVE-2018-16865
https://attackerkb.com/topics/CVE-2018-16865
CWE-770
DEBIAN-DSA-4367
EUVD-EUVD-2018-8656
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-8656

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report