vulnerability

Ubuntu: USN-3855-1 (CVE-2018-16865): systemd vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jan 9, 2019	Jan 23, 2019	Nov 27, 2024

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jan 9, 2019

Added

Jan 23, 2019

Modified

Nov 27, 2024

Description

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

Solution

ubuntu-upgrade-systemd

References

CVE-2018-16865
https://attackerkb.com/topics/CVE-2018-16865
DEBIAN-DSA-4367
NVD-CVE-2018-16865
UBUNTU-USN-3855-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today