Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:2717

Опубликовано: 20 июл. 2021
Источник: rocky
Оценка: Important

Описание

Important: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash (CVE-2021-33910)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
systemd-develi68645.el8_4.2systemd-devel-239-45.el8_4.2.i686.rpm
systemd-containerx86_6445.el8_4.2systemd-container-239-45.el8_4.2.x86_64.rpm
systemd-libsx86_6445.el8_4.2systemd-libs-239-45.el8_4.2.x86_64.rpm
systemdi68645.el8_4.2systemd-239-45.el8_4.2.i686.rpm
systemd-testsx86_6445.el8_4.2systemd-tests-239-45.el8_4.2.x86_64.rpm
systemd-libsi68645.el8_4.2systemd-libs-239-45.el8_4.2.i686.rpm
systemdx86_6445.el8_4.2systemd-239-45.el8_4.2.x86_64.rpm
systemd-journal-remotex86_6445.el8_4.2systemd-journal-remote-239-45.el8_4.2.x86_64.rpm
systemd-containeri68645.el8_4.2systemd-container-239-45.el8_4.2.i686.rpm
systemd-develx86_6445.el8_4.2systemd-devel-239-45.el8_4.2.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-33910

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2021-33910

CVSS3: 5.5
ubuntu
больше 4 лет назад

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

redhat логотип

CVE-2021-33910

CVSS3: 5.5
redhat
больше 4 лет назад

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

nvd логотип

CVE-2021-33910

CVSS3: 5.5
nvd
больше 4 лет назад

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

msrc логотип

CVE-2021-33910

CVSS3: 5.5
msrc
больше 4 лет назад

basic/unit-name.c in systemd prior to 246.15 247.8 248.5 and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

debian логотип

CVE-2021-33910

CVSS3: 5.5
debian
больше 4 лет назад

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 ...