Описание
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| systemd | fixed | 231-9 | package | |
| systemd | not-affected | jessie | package | |
| systemd | not-affected | wheezy | package |
Примечания
https://github.com/systemd/systemd/issues/4234
https://github.com/systemd/systemd/commit/531ac2b2349da02acc9c382849758e07eb92b020
Originally fixed in 231-8 but caused a regression fixed in 231-9
https://www.agwa.name/blog/post/how_to_crash_systemd_in_one_tweet
Связанные уязвимости
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
ELSA-2016-2610: systemd security and bug fix update (MODERATE)