vulnerability

F5 Networks: CVE-2018-16864: K06044762: systemd vulnerabilities CVE-2018-16864 and CVE-2018-16865

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jan 10, 2019	Mar 26, 2020	Mar 26, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jan 10, 2019

Added

Mar 26, 2020

Modified

Mar 26, 2026

Description

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

Solution

f5-big-ip-upgrade-latest

References

CVE-2018-16864
https://attackerkb.com/topics/CVE-2018-16864
CVE-2018-16865
https://attackerkb.com/topics/CVE-2018-16865
CWE-770
https://my.f5.com/manage/s/article/K06044762

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report