vulnerability
F5 Networks: CVE-2018-16864: K06044762: systemd vulnerabilities CVE-2018-16864 and CVE-2018-16865
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | 2019-01-10 | 2020-03-26 | 2025-02-18 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
2019-01-10
Added
2020-03-26
Modified
2025-02-18
Description
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.
Solution
f5-big-ip-upgrade-latest
References
- BID-106523
- BID-106525
- CVE-2018-16864
- https://attackerkb.com/topics/CVE-2018-16864
- CVE-2018-16865
- https://attackerkb.com/topics/CVE-2018-16865
- DEBIAN-DSA-4367
- REDHAT-RHBA-2019:0327
- REDHAT-RHSA-2019:0049
- REDHAT-RHSA-2019:0204
- REDHAT-RHSA-2019:0271
- REDHAT-RHSA-2019:0342
- REDHAT-RHSA-2019:0361
- REDHAT-RHSA-2019:2402
- URL-https://my.f5.com/manage/s/article/K06044762
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.