Описание
A flaw was found in systemd, a core component of Linux operating systems. A local user, without special privileges, can exploit this vulnerability. By manipulating a specific systemd unit configuration where delegation is enabled and the user is not set, the user can trigger an internal error, leading to a Denial of Service (DoS). This means the affected system may become unresponsive or crash, impacting its availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 10 | rpm-ostree | Not affected | ||
| Red Hat Enterprise Linux 10 | systemd | Not affected | ||
| Red Hat Enterprise Linux 7 | systemd | Not affected | ||
| Red Hat Enterprise Linux 8 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 8 | systemd | Not affected | ||
| Red Hat Enterprise Linux 9 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 9 | systemd | Not affected | ||
| Red Hat Hardened Images | systemd | Not affected | ||
| Red Hat OpenShift Container Platform 4 | NetworkManager | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS3
Связанные уязвимости
In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.
In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.
In systemd 258 before 260, a local unprivileged user can trigger an as ...
In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running.
EPSS
4.7 Medium
CVSS3