Executive Summary

Summary
Titlesystemd security update
Informations
NameDSA-4393First vendor Publication2019-02-18
VendorDebianLast vendor Modification2019-02-18
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score4.9Attack RangeLocal
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus.

For the stable distribution (stretch), this problem has been fixed in version 232-25+deb9u9.

We recommend that you upgrade your systemd packages.

For the detailed security status of systemd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/systemd

Original Source

Url : http://www.debian.org/security/2019/dsa-4393

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application1
Os3
Os2
Os1
Os1
Os1
Os1
Os1
Os1
Os1
Os1

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-04-02 21:22:01
  • Multiple Updates
2019-03-21 21:21:40
  • Multiple Updates
2019-02-18 21:18:23
  • First insertion