ELSA-2023-0336

Опубликовано: 26 янв. 2023

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2023-0336: systemd security update (MODERATE)

[250-12.0.2.el9_1.1]

Backport upstream pstore dmesg fix [Orabug: 34868110]
Remove upstream references [Orabug: 33995357]
Disable unprivileged BPF by default [Orabug: 32870980]
udev rules: fix memory hot add and remove [Orabug: 31310273]
set 'RemoveIPC=no' in logind.conf as default for OL7.2 [Orabug: 22224874]
allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
fix _netdev is missing for iscsi entry in /etc/fstab (tony.l.lam@oracle.com) [Orabug: 25897792]
shutdown: get only active md arrays. [Orabug: 34467234]

[250-12.1]

time-util: fix buffer-over-run (#2139388)

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

systemd

250-12.0.2.el9_1.1

systemd-container

250-12.0.2.el9_1.1

systemd-devel

250-12.0.2.el9_1.1

systemd-journal-remote

250-12.0.2.el9_1.1

systemd-libs

250-12.0.2.el9_1.1

systemd-oomd

250-12.0.2.el9_1.1

systemd-pam

250-12.0.2.el9_1.1

systemd-resolved

250-12.0.2.el9_1.1

systemd-rpm-macros

250-12.0.2.el9_1.1

systemd-udev

250-12.0.2.el9_1.1

Oracle Linux x86_64

systemd

250-12.0.2.el9_1.1

systemd-container

250-12.0.2.el9_1.1

systemd-devel

250-12.0.2.el9_1.1

systemd-journal-remote

250-12.0.2.el9_1.1

systemd-libs

250-12.0.2.el9_1.1

systemd-oomd

250-12.0.2.el9_1.1

systemd-pam

250-12.0.2.el9_1.1

systemd-resolved

250-12.0.2.el9_1.1

systemd-rpm-macros

250-12.0.2.el9_1.1

systemd-udev

250-12.0.2.el9_1.1

Связанные CVE

CVE-2022-3821

Ссылки на источники

Связанные уязвимости

CVE-2022-3821

CVSS3: 5.5

ubuntu

почти 3 года назад

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.