Описание
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
Ссылки
- PatchThird Party Advisory
- Technical Description
- Release Notes
- PatchThird Party Advisory
- Technical Description
- Release Notes
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
An issue was discovered in systemd 253. An attacker can modify the con ...
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications.
EPSS
5.3 Medium
CVSS3