Vendor CVEs
Systemd Project
All CVEs
62 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15688 | | | 0.00 | — | 0.02 | | Oct 26, 2018 | A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239. |
| CVE-2018-15686 | | | 0.00 | — | 0.02 | | Oct 26, 2018 | A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd… |
| CVE-2018-15687 | | | 0.00 | — | 0.01 | | Oct 26, 2018 | A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. |
| CVE-2012-0871 | | | 0.00 | — | 0.00 | | Apr 18, 2014 | The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. |
| CVE-2013-4394 | | | 0.00 | — | 0.00 | | Oct 28, 2013 | The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain… |
| CVE-2013-4393 | | | 0.00 | — | 0.00 | | Oct 28, 2013 | journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor. |
| CVE-2013-4391 | | | 0.00 | — | 0.05 | | Oct 28, 2013 | Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow. |
| CVE-2013-4327 | | | 0.00 | — | 0.00 | | Oct 3, 2013 | systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to… |
| CVE-2012-1174 | | | 0.00 | — | 0.00 | | Jul 12, 2012 | The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user session." |
| CVE-2011-0640 | | | 0.00 | — | 0.00 | | Jan 25, 2011 | The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data… |
| CVE-2010-4176 | | | 0.00 | — | 0.02 | | Dec 7, 2010 | plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users. |
| CVE-2009-1186 | | | 0.00 | — | 0.01 | | Apr 17, 2009 | Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. |